Offensive 360
Offensive 360 is a static application security testing (SAST) solution that performs source code analysis to identify security vulnerabilities and weaknesses in application code. The tool utilizes virtual compilers for different programming languages to analyze source code without requiring build or compilation processes. It performs: - Source code vulnerability scanning - Open-source component analysis - Malware detection - License compliance checking - Infrastructure as Code (IaC) security analysis Key capabilities include: - Entry point tracing and execution flow analysis - Integration with CI/CD pipelines and development workflows - Support for multiple programming languages - Code analysis without requiring internet connectivity - On-premises and cloud deployment options - Dependency scanning and third-party component analysis The platform is designed to be used throughout the software development lifecycle and provides both cloud-based and on-premises deployment options. It can be integrated into existing development tools and processes while maintaining source code privacy through local analysis capabilities.
FEATURES
ALTERNATIVES
API Security is a comprehensive solution that provides continuous discovery, vulnerability assessment, threat detection, compliance monitoring, dynamic testing, and remediation capabilities to protect APIs against various threats and vulnerabilities.
A Rust-based command-line tool for analyzing .apk files to detect vulnerabilities.
Kiterunner is a tool for lightning-fast traditional content discovery and bruteforcing API endpoints in modern applications.
WPRecon is a tool for recognizing vulnerabilities and blackbox information for WordPress.
Identifies misconfigured CloudFront domains vulnerable to hijacking
A fake Django admin login screen to detect and notify admins of attempted unauthorized access
An API security platform that discovers, documents, and tests APIs throughout the development lifecycle while maintaining a centralized catalog of all API assets.
A collection of mobile security resources with tools, white papers, ebooks, and webinars.
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
CTIChef.com Detection Feeds
A tiered cyber threat intelligence service providing detection rules from public repositories with varying levels of analysis, processing, and guidance for security teams.
ImmuniWeb® Discovery
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.