Checkov
Static code analysis tool for infrastructure as code (IaC) and software composition analysis (SCA) with over 1000 built-in policies for AWS, Azure, and Google Cloud.
Automatic authorization enforcement detection extension for Burp Suite written in Jython, developed by Barak Tawily, to ease application security people's work and allow them to perform automatic authorization tests.
Static code analysis tool for infrastructure as code (IaC) and software composition analysis (SCA) with over 1000 built-in policies for AWS, Azure, and Google Cloud.
QIRA is a competitor to strace and gdb with MIT license, supporting Ubuntu and Docker for wider compatibility.
An open-source tool for detecting and analyzing Android apps' vulnerabilities and security issues.
A browser with XSS detection capabilities
This article discusses the different types of remote timing attacks and provides defense strategies against them.
Dynamic Java code instrumentation kit for Android applications.