Hackazon
Hackazon is a free, vulnerable test site that is an online storefront built with the same technologies used in today’s rich client and mobile applications. Hackazon has an AJAX interface, strict workflows and RESTful API’s used by a companion mobile app providing uniquely-effective training and testing ground for IT security professionals. And, it’s full of your favorite vulnerabilities like SQL Injection, cross-site scripting and so on. Today’s web and mobile applications as well as web services have a host of new technologies that are not being adequately tested for security vulnerabilities. It is critical for IT security professionals to have a vulnerable web application to use for testing the effectiveness of their tools and for honing their skills. Hackazon enables users to configure each area of the application in order to change the vulnerability landscape to prevent “known vuln testing” or any other form of ‘cheating.’ Since the application includes RESTful interfaces that power AJAX functionality and mobile clients (JSON, XML, GwT, and AMF), users will need to the latest application security testing tools and techniques to discover all the vulnerabilities.
FEATURES
ALTERNATIVES
Static code analysis tool for infrastructure as code (IaC) and software composition analysis (SCA) with over 1000 built-in policies for AWS, Azure, and Google Cloud.
Protect your Fastify server against CSRF attacks with a series of utilities and recommendations for secure application development.
Aqua Security is a CNAPP that provides comprehensive security for cloud native applications across their entire lifecycle, from development to production, in various cloud and container environments.
A web application security testing platform that helps you test your knowledge on web application security through realistic scenarios with known vulnerabilities.
A source code search engine for searching alphanumeric snippets, signatures, or keywords in web page HTML, JS, and CSS code.
A comprehensive toolkit for web application security testing, offering a range of products and solutions for identifying vulnerabilities and improving security posture.
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
Kriptos
An AI-driven data classification and governance platform that automatically discovers, analyzes, and labels sensitive information while providing risk management and compliance capabilities.
System Two Security
An AI-powered platform that automates threat hunting and analysis by processing cyber threat intelligence and generating customized hunt packages for SOC teams.
Aikido Security
Aikido is an all-in-one security platform that combines multiple security scanning and management functions for cloud-native applications and infrastructure.
Permiso
Permiso is an Identity Threat Detection and Response platform that provides comprehensive visibility and protection for identities across multiple cloud environments.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.