Vulnerability Assessment

A comprehensive web application security testing solution that offers built-in vulnerability assessment and management, as well as integration options with popular software development tools.

A distributed systems simulator that creates intentionally vulnerable Kubernetes clusters in AWS for security training and attack scenario practice.

A comprehensive reference guide covering Nessus vulnerability scanner configuration, management, API usage, and best practices.

AlienVault OSSIM provides an all-in-one security management solution with asset discovery, vulnerability assessment, and SIEM capabilities.

A distributed AWS security auditing tool that continuously enumerates and scans internet-facing AWS services to identify potentially misconfigured resources.

A comprehensive repository of payloads and bypass techniques for web application security testing and penetration testing across multiple platforms and attack vectors.

A Python script that performs security testing attacks against AWS Cognito services including account creation, user enumeration, and privilege escalation vulnerabilities.

CAPEC™ is a comprehensive dictionary of known attack patterns used by adversaries to exploit weaknesses in cyber-enabled capabilities.

NoSQLMap is an open source Python tool that automates NoSQL injection attacks and exploits configuration weaknesses in NoSQL databases to disclose or clone data.

A structured approach for conducting penetration tests with seven main sections covering all aspects of the test.

Mana Security is a macOS-focused vulnerability management tool that continuously monitors 100+ applications for security vulnerabilities and tracks patching performance against community benchmarks.

CloudMapper is an AWS security analysis tool that audits configurations, identifies misconfigurations, analyzes IAM policies, finds unused resources, and provides network visualization capabilities.

Hands-on cybersecurity training and testing platform with 1800+ labs

WeirdAAL is an open-source framework that provides tools and libraries for simulating attacks and testing security vulnerabilities in AWS environments.

A Ruby script that scans networks for vulnerable third-party web applications and front-ends with known exploitable security flaws.

SkyArk is a cloud security scanning tool that identifies privileged entities in AWS and Azure environments to help mitigate Cloud Shadow Admin threats.

Kali Linux is a specialized Linux distribution for cybersecurity professionals, focusing on penetration testing and security auditing.

A platform providing an activity feed on exploited vulnerabilities.

A Docker MultiStage build implementation that integrates CVE scanning into Alpine Linux container builds using Docker 17.05's build-time vulnerability assessment capabilities.

MetaHub is an open-source vulnerability management tool that provides impact-contextual analysis of security findings in AWS environments through automated contextualization, ownership identification, and prioritization scoring.

Nessus efficiently scans for system vulnerabilities, misconfigurations, and compliance issues.

A wargaming network for penetration testers to practice their skills in a realistic environment.

An industrial control system testing tool that enables security researchers to enumerate SCADA controllers, read register values, and modify register data across different testing modes.

Advanced vulnerability assessment tool for gaining visibility and preventing cyber attacks.