Acra
Database protection suite with field level encryption and intrusion detection. Acra provides application-level encryption for data fields, multi-layered access control, database leakage prevention, and intrusion detection capabilities in one suite. Perfect for distributed apps (web, server-side and mobile) that store data in one or many databases / datastores. Typical industries: Web and mobile apps that store data in a centralised database or object storage, Healthcare, patient apps, Finance, fintech, neobanking, SaaS, Critical infrastructures, Apps with > 1000 users, IoT apps that collect telemetry and process data in the cloud, High-load data processing apps. Acra gives you tools for encrypting each sensitive data record (data field, database cell, json) before storing them in the database / file storage. And then decrypting them in a secure compartmented area (on Acra side). Acra allows to encrypt data as early as possible and operate on encrypted data.
FEATURES
ALTERNATIVES
Collection of CTF writeups from September 2018 onwards, including various CTFs and HackTheBox.
A tool to verify the integrity of PNG, JNG, and MNG files and extract detailed information about the image.
A Python library for querying ThreatCrowd's API for email, IP, domain, and antivirus reports
A controller addon that provides additional security defenses for onion services ahead of official Tor-core release.
Package verification tool for npm with various verification and testing capabilities.
PINNED
Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
PTJunior
An AI-powered penetration testing platform that autonomously discovers, exploits, and documents vulnerabilities while generating NIST-compliant reports.
CTIChef.com Detection Feeds
A tiered cyber threat intelligence service providing detection rules from public repositories with varying levels of analysis, processing, and guidance for security teams.
OSINTLeak
OSINTLeak is a tool for discovering and analyzing leaked sensitive information across various online sources to identify potential security risks.
ImmuniWeb® Discovery
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.