DOMXSS Scanner
DOMXSS Scanner is an online tool to scan source code for DOM based XSS vulnerabilities. It allows you to upload your HTML, JavaScript, and CSS files to scan for potential vulnerabilities. The tool provides a detailed report of the findings, including the vulnerable code snippets and recommendations for remediation.
FEATURES
ALTERNATIVES
Static code analyzer for Infrastructure as Code with 500+ security policies and support for various IaC tools and cloud platforms.
APKiD is a tool that identifies compilers, packers, obfuscators, and other weird stuff in APK files.
A series of levels teaching about common mistakes and gotchas when using Amazon Web Services (AWS).
ffufai is an AI-enhanced wrapper for ffuf that automatically suggests file extensions for web fuzzing based on the target URL and headers.
A deliberately vulnerable modern day app with lots of DOM related bugs
A command-line tool that scans NPM packages and ZIP files to detect exposed secrets and sensitive credentials in source code and configuration files.
A tool for detecting capabilities in executable files, providing insights into a program's behavior and potential malicious activities.
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
Kriptos
An AI-driven data classification and governance platform that automatically discovers, analyzes, and labels sensitive information while providing risk management and compliance capabilities.
System Two Security
An AI-powered platform that automates threat hunting and analysis by processing cyber threat intelligence and generating customized hunt packages for SOC teams.
Aikido Security
Aikido is an all-in-one security platform that combines multiple security scanning and management functions for cloud-native applications and infrastructure.
Permiso
Permiso is an Identity Threat Detection and Response platform that provides comprehensive visibility and protection for identities across multiple cloud environments.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.