vulnerability-assessment

36 tools and resources

NEW

AWVS Logo

AWVS

0 (0)

A hosted web application security testing tool that enables security researchers to register, activate their accounts, and scan web applications for vulnerabilities.

Vulnerability Management
Free
appsecapp-securityweb-app-securityvulnerability-scanningvulnerability-assessmentweb-application-security
SecurityVulnerability.io Logo

SecurityVulnerability.io

0 (0)

SecurityVulnerability.io simplifies the process of collecting, enriching, and presenting vulnerability information for both human and machine consumption.

Vulnerability Management
Free
vulnerability-managementvulnerability-assessmentvulnerability-detectionsecurity-information
Gobuster Logo

Gobuster

0 (0)

A powerful directory/file, DNS and VHost busting tool written in Go.

Network Security
Free
dnsfile-scanningvulnerability-assessmentpenetration-testing
liffier Logo

liffier

0 (0)

A simple snippet to increment ../ on the URL.

Miscellaneous
Free
vulnerability-detectionweb-app-securitysecurity-auditpenetration-testingvulnerability-assessment
Subfinder Logo

Subfinder

0 (0)

Fast passive subdomain enumeration tool

Network Security
Free
subdomain-enumerationdns-lookupweb-scrapingpenetration-testingvulnerability-assessment
Param Miner Logo

Param Miner

0 (0)

A tool for identifying and extracting parameters from HTTP requests and responses

Application Security
Free
appsechttpsecurity-testingvulnerability-assessment
parameth Logo

parameth

0 (0)

A tool for brute-forcing GET and POST parameters to discover potential vulnerabilities in web applications.

Application Security
Free
appsecapp-securityweb-app-securityweb-securityvulnerability-detectionvulnerability-assessment
metahttp Logo

metahttp

0 (0)

A bash script for scanning a target network for HTTP resources through XXE

Network Security
Free
penetration-testingvulnerability-assessmentxxecurl
csprecon Logo

csprecon

0 (0)

A tool to discover new target domains using Content Security Policy

Network Security
Free
cspcontent-security-policypenetration-testingvulnerability-assessmentsecurity-research
ThreatDown EDR Logo

ThreatDown EDR

0 (0)

Powerfully simple endpoint security solution that takes down threats without interrupting business.

Endpoint Security
Commercial
endpoint-securityantivirusvulnerability-assessmentincident-responseendpoint-detectionpatch-management
DefectDojo Logo

DefectDojo

0 (0)

OWASP Project for making vulnerability management easier.

Vulnerability Management
Free
vulnerability-managementvulnerability-assessmentvulnerability-detectioncollaborationowasp
AFE Android Framework for Exploitation Logo

AFE Android Framework for Exploitation

0 (0)

A framework for exploiting Android-based devices and applications

Offensive Security
Free
appsecapp-securitypenetration-testingvulnerability-assessmentsecurity-research
Webhacking.kr Logo

Webhacking.kr

0 (0)

Korean cyber-security challenge platform for exploiting and defending web application vulnerabilities.

Training and Resources
Free
web-app-securityweb-securityvulnerability-assessmentvulnerability-detectionpenetration-testing
AttackSurfaceMapper Logo

AttackSurfaceMapper

0 (0)

Automate your reconnaissance process with AttackSurfaceMapper, a tool for mapping and analyzing network attack surfaces.

Vulnerability Management
Free
attack-surfacereconnaissancenetwork-discoveryvulnerability-assessmentsecurity-audit
Flan Logo

Flan

0 (0)

A vulnerability scanner that helps you identify and fix vulnerabilities in your code

Vulnerability Management
Free
vulnerability-scanningvulnerability-detectionsecurity-testingpenetration-testingvulnerability-assessment
DefaultCreds-cheat-sheet Logo

DefaultCreds-cheat-sheet

0 (0)

A cheat sheet for default credentials to aid in penetration testing and vulnerability assessment

Malware Analysis
Free
blue-teamred-teamvulnerability-assessmentvulnerability-detection
Windows Privilege Escalation Techniques Logo

Windows Privilege Escalation Techniques

0 (0)

A list of Windows privilege escalation techniques, categorized and explained in detail.

IAM & Credential Management
Free
windowsprivilege-escalationsecuritypenetration-testingvulnerability-assessment
HTB Academy Logo

HTB Academy

0 (0)

HTB Academy offers guided cybersecurity training with industry certifications to help you become a market-ready professional.

Training and Resources
Free
cybersecuritytrainingcertificationpentestingvulnerability-assessmentthreat-intelligence
Cybersecurity Evaluation Tool (CSET) Logo

Cybersecurity Evaluation Tool (CSET)

0 (0)

CSET is a free software tool for identifying vulnerabilities in enterprise and industrial control cyber systems.

Vulnerability Management
Free
appseccompliancecybersecurityvulnerability-assessment
Acunetix Vulnerability Scanner Logo

Acunetix Vulnerability Scanner

0 (0)

A comprehensive web application security testing solution that offers built-in vulnerability assessment and management, as well as integration options with popular software development tools.

Application Security
Free
appsecappsec-testingintegrationjenkinsdockervulnerability-assessmentvulnerability-management
Cloud Security Suite (cs-suite) Logo

Cloud Security Suite (cs-suite)

0 (0)

Cloud Security Suite (cs-suite) - Version 3.0 Usage for cloud security audits on AWS, GCP, Azure, and DigitalOcean.

Cloud and Container Security
Free
auditcloud-securityawsgcpazurepenetration-testingvulnerability-assessment
Alien Vault Ossim Logo

Alien Vault Ossim

0 (0)

AlienVault OSSIM provides an all-in-one security management solution with asset discovery, vulnerability assessment, and SIEM capabilities.

SIEM and Log Management
Free
asset-inventoryvulnerability-assessmentintrusion-detectionsiem
CAPEC Logo

CAPEC

0 (0)

CAPECâ„¢ is a comprehensive dictionary of known attack patterns used by adversaries to exploit weaknesses in cyber-enabled capabilities.

Threat Management
Free
cybersecuritythreat-intelligencevulnerability-assessment

Penetration Testing Execution Standard (PTES)

0 (0)

A structured approach for conducting penetration tests with seven main sections covering all aspects of the test.

Offensive Security
Free
penetration-testingsecurity-testingvulnerability-assessmentcompliance
Vim Syntax Highlighting for YARA Rules Logo

Vim Syntax Highlighting for YARA Rules

0 (0)

Vim syntax-highlighting plugin for YARA rules with support up to v4.3.

Miscellaneous
Free
vulnerability-detectionvulnerability-assessmentvulnerability-managementbinary-securityfile-analysis
Attack-Defense Online Lab Logo

Attack-Defense Online Lab

0 (0)

Hands-on cybersecurity training and testing platform with 1800+ labs

Training and Resources
Free
penetration-testingvulnerability-assessment
Kali Logo

Kali

0 (0)

Kali Linux is a specialized Linux distribution for cybersecurity professionals, focusing on penetration testing and security auditing.

Offensive Security
Free
digital-forensicspenetration-testingnetwork-analysisvulnerability-assessmentsecurity-testing
AttackerKB Logo

AttackerKB

0 (0)

A platform providing an activity feed on exploited vulnerabilities.

Threat Management
Free
vulnerability-assessmentvulnerability-detectionvulnerability-exploitationcveexploit
IntelligenceX Logo

IntelligenceX

0 (0)

Nessus efficiently scans for system vulnerabilities, misconfigurations, and compliance issues.

Threat Management
Free
vulnerability-assessmentvulnerability-scanningcompliancesecurity-auditvulnerability-detection

SmashTheStack Wargaming Network

0 (0)

A wargaming network for penetration testers to practice their skills in a realistic environment.

Offensive Security
Free
penetration-testingsecurity-trainingcyber-rangesecurity-testingvulnerability-assessment
Nessus Professional Logo

Nessus Professional

0 (0)

Advanced vulnerability assessment tool for gaining visibility and preventing cyber attacks.

Vulnerability Management
Free
vulnerability-assessmentvulnerability-detectionvulnerability-managementattack-surfacecompliance
BeSECURE Vulnerability Management Logo

BeSECURE Vulnerability Management

0 (0)

A vulnerability assessment and management tool that uses patented technology to accurately identify vulnerabilities and prioritize them by risk.

Vulnerability Management
Free
vulnerability-assessmentvulnerability-managementthreat-intelligence

Zero Day Initiative Published Advisories

0 (0)

List of publicly disclosed vulnerabilities with security filters and detailed advisories.

Vulnerability Management
Free
vulnerability-detectionvulnerability-assessmentvulnerability-management
Rudder Logo

Rudder

0 (0)

A comprehensive IT infrastructure automation platform for managing hybrid infrastructure through configuration, patch, and security management.

Miscellaneous
Free
automationinfrastructureconfiguration-managementpatch-managementvulnerability-assessmentcompliance
Paros Logo

Paros

0 (0)

A Java based HTTP/HTTPS proxy for assessing web application vulnerability with various useful features.

Vulnerability Management
Free
appsecproxyweb-app-securityvulnerability-assessmentxsssql-injection
InsecureBankv2 Logo

InsecureBankv2

0 (0)

Vulnerable Android application for learning security concepts.

Vulnerability Management
Free
appsecappsecurityvulnerabilityvulnerability-assessmentvulnerability-detection