damnvulnerable.me is a deliberately vulnerable modern day app with lots of DOM related bugs. This app is designed to demonstrate various web vulnerabilities, including DOM-based cross-site scripting (XSS), cross-site request forgery (CSRF), and more. It's a great resource for security researchers, penetration testers, and developers to practice and improve their skills in identifying and exploiting web vulnerabilities. The app is regularly updated with new vulnerabilities and challenges, making it an excellent tool for staying up-to-date with the latest web security threats and countermeasures.
FEATURES
SIMILAR TOOLS
Dynamic instrumentation toolkit for developers, reverse-engineers, and security researchers.
Statistical renaming, Type inference, and Deobfuscation tool for JavaScript code.
WPRecon is a tool for recognizing vulnerabilities and blackbox information for WordPress.
A popular free security tool for automatically finding security vulnerabilities in web applications
A centralized dashboard for running and scheduling WordPress scans powered by wpscan utility.
Scan files for viruses and malware with language-agnostic REST API
Python-based web server framework for setting up fake web servers and services with precise data responses.
PINNED

Mandos
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.