Vulnerability Detection

A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Black Duck is an application security platform that provides software composition analysis and supply chain security capabilities to identify vulnerabilities, ensure license compliance, and manage SBOMs throughout the software development lifecycle.

A Dynamic Application Security Testing (DAST) platform that provides automated security testing for web applications, APIs, and LLM-powered applications throughout the software development lifecycle.

An AI-powered application security platform that provides automated discovery, testing, and continuous monitoring of applications and APIs with minimal operational impact.

A self-managed static code analysis platform that conducts continuous inspection of codebases to identify security vulnerabilities, bugs, and code quality issues.

An automated web application security scanner that evaluates JavaScript library vulnerabilities and HTTP security headers to assess website security posture.

A security analysis platform that combines SAST, SCA, SBOM generation and AI-assisted remediation to detect and fix vulnerabilities during the software development lifecycle.

XBOW is an AI-driven tool that autonomously discovers and exploits web application vulnerabilities, aiming to match the capabilities of experienced human pentesters.

EvoMaster is an AI-driven tool that automatically generates system-level test cases for web APIs and enterprise applications using evolutionary algorithms and dynamic program analysis.

TrojAI is an AI security platform that detects vulnerabilities in AI models and defends against attacks on AI applications.

Akamai Client-Side Protection & Compliance is a security tool that monitors and protects against client-side threats on websites, aiding in PCI DSS v4.0 compliance.

A CLI tool and Go library for generating a Software Bill of Materials (SBOM) from container images and filesystems.

SecurityVulnerability.io simplifies the process of collecting, enriching, and presenting vulnerability information for both human and machine consumption.

A tool to detect, manage and exploit Blind Cross-site scripting (XSS) vulnerabilities.

A simple snippet to increment ../ on the URL.

A command-line script that tests multiple domains from a list for open redirect vulnerabilities and reports findings.

A multithreaded vulnerability scanner for web-based applications

InQL is a Burp Suite extension for advanced GraphQL testing and vulnerability detection

A specialized scanner that detects XSS vulnerabilities in older versions of Swagger-ui implementations.

A python open source CMS scanner that automates the process of detecting security flaws of the most popular CMSs.

A Burp Suite extension that automates XSS vulnerability detection and validation through custom payload generation and response analysis.

A tool that uses NLP and ML to identify potential software vulnerabilities from git commit messages

A security analysis tool that detects and analyzes open redirection vulnerabilities in web applications.

A command-line tool for identifying NoSQL injection vulnerabilities in MongoDB databases through automated scanning and reporting.