DVTA - Vulnerable Thick Client Application

Free

DVTA is a Vulnerable Thick Client Application developed in C# .NET. Some of the vulnerabilities covered in this Application include: Insecure local data storage, Insecure logging, Weak cryptography, Lack of code obfuscation, Exposed decryption logic, SQL Injection, CSV Injection, Sensitive data in memory, DLL Hijacking, Clear text data in transit. Requires .NET version 4.5. More Documentation Coming soon!

FEATURES

The author has not provided features for this tool yet. If you are the author, please sign in or claim the tool to add features by clicking the icon above.

ALTERNATIVES

UglifyJS 3

JavaScript parser, minifier, compressor, and beautifier toolkit with simplified API and CLI.

Free

Application Security

apkid

APKiD is a tool that identifies compilers, packers, obfuscators, and other weird stuff in APK files.

Free

Application Security

0l4bs Cross-site scripting labs

Cross-site scripting labs for web application security enthusiasts

Free

Application Security

AWS WAF

AWS Web Application Firewall (WAF) for protecting web applications from common exploits.

Free

Application Security

Blankie

A CSP plugin for hapi with per-route configuration options.

Free

Application Security

JFrog Software Supply Chain Platform

An integrated software supply chain platform that combines repository management, security scanning, and DevSecOps capabilities for managing and securing the entire software development lifecycle.

Commercial

Application Security

BunkerWeb

BunkerWeb is a next-generation and open-source Web Application Firewall (WAF) with seamless integration and user-friendly customization options.

Free

Application Security

AppMon

Automated framework for monitoring and tampering system API calls of native macOS, iOS, and Android apps.

Free

Application Security

PINNED

ImmuniWeb® Discovery

ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.

Attack Surface Management

InfoSecHired

An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.

Resources

Mandos Brief Newsletter

A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.

Resources

OSINTLeak

OSINTLeak is a tool for discovering and analyzing leaked sensitive information across various online sources to identify potential security risks.

Digital Forensics

Checkmarx SCA

A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Application Security

Check Point CloudGuard WAF

A cloud-native web application and API security solution that uses contextual AI to protect against known and zero-day threats without signature-based detection.

Application Security

Orca Security

A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

Cloud Security

DryRun

A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.

Application Security