Vulnerability Assessment

LATEST ADDITIONS

• 

  Vulcan Cyber

  An enterprise vulnerability and exposure risk management platform that consolidates, prioritizes, and orchestrates remediation of security vulnerabilities across infrastructure, applications, and cloud environments.

  0

  Commercial

  Vulnerability Management

  vulnerability-management

  risk-management

  +8
• 

  Burp Suite Professional

  A web application security testing platform that combines manual and automated testing tools for conducting comprehensive security assessments and penetration testing.

  0

  Commercial

  Offensive Security

  penetration-testing

  web-security

  +8
• 

  StrikeOne

  StrikeOne is a vulnerability management platform with AI capabilities that helps organizations identify, prioritize, and remediate security vulnerabilities through attack surface management, vulnerability management, and cybersecurity posture assessment.

  0

  Commercial

  Attack Surface Management

  vulnerability-management

  ai

  +8
• 

  XRATOR

  XRATOR is a cybersecurity platform that continuously identifies vulnerabilities, assesses business risks, and manages security posture to align with strategic objectives and compliance requirements.

  0

  Commercial

  Attack Surface Management

  attack-surface

  vulnerability-management

  +8
• 

  Fluid Attacks Continuous Hacking

  An application security testing platform that combines automated scanning, AI assistance, and manual expert testing to provide continuous security assessment throughout the software development lifecycle.

  0

  Commercial

  Application Security

  application-security

  security-testing

  +8
• 

  Bima Scanner

  An automated web application security scanner that evaluates JavaScript library vulnerabilities and HTTP security headers to assess website security posture.

  0

  Free

  Vulnerability Management

  vulnerability-scanning

  web-security

  +7
• 

  OpenVAS

  OpenVAS is an open-source vulnerability scanner that provides extensive testing capabilities for identifying security weaknesses in networks and systems.

  0

  Free

  Vulnerability Management

  vulnerability-management

  vulnerability-scanning

  +4
• 

  AWVS

  A hosted web application security testing tool that enables security researchers to register, activate their accounts, and scan web applications for vulnerabilities.

  0

  Free

  Vulnerability Management

  appsec

  app-security

  +4
• 

  SecurityVulnerability.io

  SecurityVulnerability.io simplifies the process of collecting, enriching, and presenting vulnerability information for both human and machine consumption.

  0

  Free

  Vulnerability Management

  vulnerability-management

  vulnerability-assessment

  +2
• 

  Gobuster

  A powerful directory/file, DNS and VHost busting tool written in Go.

  0

  Free

  Network Security

  dns

  file-scanning

  +2
• 

  liffier

  A simple snippet to increment ../ on the URL.

  0

  Free

  Miscellaneous

  vulnerability-detection

  web-app-security

  +3
• 

  Subfinder

  Fast passive subdomain enumeration tool

  0

  Free

  Network Security

  subdomain-enumeration

  dns-lookup

  +3
• 

  Param Miner

  A tool for identifying and extracting parameters from HTTP requests and responses

  0

  Free

  Application Security

  appsec

  http

  +2
• 

  parameth

  A tool for brute-forcing GET and POST parameters to discover potential vulnerabilities in web applications.

  0

  Free

  Application Security

  appsec

  app-security

  +4
• 

  metahttp

  A bash script for scanning a target network for HTTP resources through XXE

  0

  Free

  Network Security

  penetration-testing

  vulnerability-assessment

  +2
• 

  csprecon

  A tool to discover new target domains using Content Security Policy

  0

  Free

  Network Security

  csp

  content-security-policy

  +3
• 

  ThreatDown EDR

  Powerfully simple endpoint security solution that takes down threats without interrupting business.

  0

  Commercial

  Endpoint Security

  endpoint-security

  antivirus

  +4
• 

  DefectDojo

  OWASP Project for making vulnerability management easier.

  0

  Free

  Vulnerability Management

  vulnerability-management

  vulnerability-assessment

  +3
• 

  AFE Android Framework for Exploitation

  A framework for exploiting Android-based devices and applications

  0

  Free

  Offensive Security

  appsec

  app-security

  +3
• 

  Webhacking.kr

  Korean cyber-security challenge platform for exploiting and defending web application vulnerabilities.

  0

  Free

  Resources

  web-app-security

  web-security

  +3
• 

  AttackSurfaceMapper

  Automate your reconnaissance process with AttackSurfaceMapper, a tool for mapping and analyzing network attack surfaces.

  0

  Free

  Vulnerability Management

  attack-surface

  reconnaissance

  +3
• 

  Flan

  A vulnerability scanner that helps you identify and fix vulnerabilities in your code

  0

  Free

  Vulnerability Management

  vulnerability-scanning

  vulnerability-detection

  +3
• 

  DefaultCreds-cheat-sheet

  A cheat sheet for default credentials to aid in penetration testing and vulnerability assessment

  0

  Free

  Malware Analysis

  blue-team

  red-team

  +2
• 

  Windows Privilege Escalation Techniques

  A list of Windows privilege escalation techniques, categorized and explained in detail.

  0

  Free

  IAM

  windows

  privilege-escalation

  +3
• 

  HTB Academy

  HTB Academy offers guided cybersecurity training with industry certifications to help you become a market-ready professional.

  0

  Free

  Resources

  cybersecurity

  training

  +4
• 

  Cybersecurity Evaluation Tool (CSET)

  CSET is a free software tool for identifying vulnerabilities in enterprise and industrial control cyber systems.

  0

  Free

  Vulnerability Management

  appsec

  compliance

  +2
• 

  Acunetix Vulnerability Scanner

  A comprehensive web application security testing solution that offers built-in vulnerability assessment and management, as well as integration options with popular software development tools.

  0

  Free

  Application Security

  appsec

  appsec-testing

  +5
• 

  Cloud Security Suite (cs-suite)

  Cloud Security Suite (cs-suite) - Version 3.0 Usage for cloud security audits on AWS, GCP, Azure, and DigitalOcean.

  0

  Free

  Cloud Security

  audit

  cloud-security

  +5
• 

  Alien Vault Ossim

  AlienVault OSSIM provides an all-in-one security management solution with asset discovery, vulnerability assessment, and SIEM capabilities.

  0

  Free

  SIEM

  asset-inventory

  vulnerability-assessment

  +2
• 

  CAPEC

  CAPEC™ is a comprehensive dictionary of known attack patterns used by adversaries to exploit weaknesses in cyber-enabled capabilities.

  0

  Free

  Threat Management

  cybersecurity

  threat-intelligence

  +1
• 

  Penetration Testing Execution Standard (PTES)

  A structured approach for conducting penetration tests with seven main sections covering all aspects of the test.

  0

  Free

  Offensive Security

  penetration-testing

  security-testing

  +2
• 

  Vim Syntax Highlighting for YARA Rules

  Vim syntax-highlighting plugin for YARA rules with support up to v4.3.

  0

  Free

  Miscellaneous

  vulnerability-detection

  vulnerability-assessment

  +3
• 

  Attack-Defense Online Lab

  Hands-on cybersecurity training and testing platform with 1800+ labs

  0

  Free

  Resources

  penetration-testing

  vulnerability-assessment
• 

  Kali

  Kali Linux is a specialized Linux distribution for cybersecurity professionals, focusing on penetration testing and security auditing.

  0

  Free

  Offensive Security

  digital-forensics

  penetration-testing

  +3
• 

  AttackerKB

  A platform providing an activity feed on exploited vulnerabilities.

  0

  Free

  Threat Management

  vulnerability-assessment

  vulnerability-detection

  +3
• 

  IntelligenceX

  Nessus efficiently scans for system vulnerabilities, misconfigurations, and compliance issues.

  0

  Free

  Threat Management

  vulnerability-assessment

  vulnerability-scanning

  +3
• 

  SmashTheStack Wargaming Network

  A wargaming network for penetration testers to practice their skills in a realistic environment.

  0

  Free

  Offensive Security

  penetration-testing

  security-training

  +3
• 

  Nessus Professional

  Advanced vulnerability assessment tool for gaining visibility and preventing cyber attacks.

  0

  Free

  Vulnerability Management

  vulnerability-assessment

  vulnerability-detection

  +3
• 

  BeSECURE Vulnerability Management

  A vulnerability assessment and management tool that uses patented technology to accurately identify vulnerabilities and prioritize them by risk.

  0

  Free

  Vulnerability Management

  vulnerability-assessment

  vulnerability-management

  +1
• 

  Zero Day Initiative Published Advisories

  List of publicly disclosed vulnerabilities with security filters and detailed advisories.

  0

  Free

  Vulnerability Management

  vulnerability-detection

  vulnerability-assessment

  +1
• 

  Rudder

  A comprehensive IT infrastructure automation platform for managing hybrid infrastructure through configuration, patch, and security management.

  0

  Free

  Miscellaneous

  automation

  infrastructure

  +4
• 

  Paros

  A Java based HTTP/HTTPS proxy for assessing web application vulnerability with various useful features.

  0

  Free

  Vulnerability Management

  appsec

  proxy

  +4
• 

  InsecureBankv2

  Vulnerable Android application for learning security concepts.

  0

  Free

  Vulnerability Management

  appsec

  appsecurity

  +3