Explore 43 curated tools and resources
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
A cloud-native web application and API security solution that uses contextual AI to protect against known and zero-day threats without signature-based detection.
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
An enterprise vulnerability and exposure risk management platform that consolidates, prioritizes, and orchestrates remediation of security vulnerabilities across infrastructure, applications, and cloud environments.
A web application security testing platform that combines manual and automated testing tools for conducting comprehensive security assessments and penetration testing.
StrikeOne is a vulnerability management platform with AI capabilities that helps organizations identify, prioritize, and remediate security vulnerabilities through attack surface management, vulnerability management, and cybersecurity posture assessment.
XRATOR is a cybersecurity platform that continuously identifies vulnerabilities, assesses business risks, and manages security posture to align with strategic objectives and compliance requirements.
An application security testing platform that combines automated scanning, AI assistance, and manual expert testing to provide continuous security assessment throughout the software development lifecycle.
An automated web application security scanner that evaluates JavaScript library vulnerabilities and HTTP security headers to assess website security posture.
OpenVAS is an open-source vulnerability scanner that provides extensive testing capabilities for identifying security weaknesses in networks and systems.
A hosted web application security testing tool that enables security researchers to register, activate their accounts, and scan web applications for vulnerabilities.
SecurityVulnerability.io simplifies the process of collecting, enriching, and presenting vulnerability information for both human and machine consumption.
A powerful directory/file, DNS and VHost busting tool written in Go.
A simple snippet to increment ../ on the URL.
Fast passive subdomain enumeration tool
A tool for identifying and extracting parameters from HTTP requests and responses
A tool for brute-forcing GET and POST parameters to discover potential vulnerabilities in web applications.
A bash script for scanning a target network for HTTP resources through XXE
A tool to discover new target domains using Content Security Policy
Powerfully simple endpoint security solution that takes down threats without interrupting business.
OWASP Project for making vulnerability management easier.
A framework for exploiting Android-based devices and applications
Korean cyber-security challenge platform for exploiting and defending web application vulnerabilities.
Automate your reconnaissance process with AttackSurfaceMapper, a tool for mapping and analyzing network attack surfaces.
A vulnerability scanner that helps you identify and fix vulnerabilities in your code
A cheat sheet for default credentials to aid in penetration testing and vulnerability assessment
A list of Windows privilege escalation techniques, categorized and explained in detail.
HTB Academy offers guided cybersecurity training with industry certifications to help you become a market-ready professional.
CSET is a free software tool for identifying vulnerabilities in enterprise and industrial control cyber systems.
A comprehensive web application security testing solution that offers built-in vulnerability assessment and management, as well as integration options with popular software development tools.
Cloud Security Suite (cs-suite) - Version 3.0 Usage for cloud security audits on AWS, GCP, Azure, and DigitalOcean.
AlienVault OSSIM provides an all-in-one security management solution with asset discovery, vulnerability assessment, and SIEM capabilities.
CAPEC™ is a comprehensive dictionary of known attack patterns used by adversaries to exploit weaknesses in cyber-enabled capabilities.
A structured approach for conducting penetration tests with seven main sections covering all aspects of the test.
Vim syntax-highlighting plugin for YARA rules with support up to v4.3.
Hands-on cybersecurity training and testing platform with 1800+ labs
Kali Linux is a specialized Linux distribution for cybersecurity professionals, focusing on penetration testing and security auditing.
A platform providing an activity feed on exploited vulnerabilities.
Nessus efficiently scans for system vulnerabilities, misconfigurations, and compliance issues.
A wargaming network for penetration testers to practice their skills in a realistic environment.
Advanced vulnerability assessment tool for gaining visibility and preventing cyber attacks.
A vulnerability assessment and management tool that uses patented technology to accurately identify vulnerabilities and prioritize them by risk.
List of publicly disclosed vulnerabilities with security filters and detailed advisories.
A comprehensive IT infrastructure automation platform for managing hybrid infrastructure through configuration, patch, and security management.
A Java based HTTP/HTTPS proxy for assessing web application vulnerability with various useful features.
Vulnerable Android application for learning security concepts.