Offensive 360
Offensive 360 is a static application security testing (SAST) solution that performs source code analysis to identify security vulnerabilities and weaknesses in application code. The tool utilizes virtual compilers for different programming languages to analyze source code without requiring build or compilation processes. It performs: - Source code vulnerability scanning - Open-source component analysis - Malware detection - License compliance checking - Infrastructure as Code (IaC) security analysis Key capabilities include: - Entry point tracing and execution flow analysis - Integration with CI/CD pipelines and development workflows - Support for multiple programming languages - Code analysis without requiring internet connectivity - On-premises and cloud deployment options - Dependency scanning and third-party component analysis The platform is designed to be used throughout the software development lifecycle and provides both cloud-based and on-premises deployment options. It can be integrated into existing development tools and processes while maintaining source code privacy through local analysis capabilities.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
A web application designed to be 'Xtremely Vulnerable' for security enthusiasts to learn application security.
Cutting-edge technology for developing security applications within the Linux kernel.
Static code analysis tool for infrastructure as code (IaC) and software composition analysis (SCA) with over 1000 built-in policies for AWS, Azure, and Google Cloud.
EvoMaster is an open-source tool that automatically generates system-level test cases for web APIs using AI-driven techniques.
Revelo is an experimental Javascript deobfuscator tool with features to analyze and deobfuscate Javascript code.
Integrates static APK analysis with Yara and requires re-compilation of Yara with the androguard module.
A lightweight web application firewall that protects modern applications and APIs across distributed architectures with integrated DoS protection, bot defense, and DevOps-friendly deployment options.
Dynamic instrumentation toolkit for developers, reverse-engineers, and security researchers.
InQL is a Burp Suite extension for advanced GraphQL testing and vulnerability detection
PINNED
Mandos
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.