OWASP Damn Vulnerable Web Sockets (DVWS)
OWASP Damn Vulnerable Web Sockets (DVWS) is a vulnerable web application which works on web sockets for client-server communication. The flow of the application is similar to DVWA. You will find more vulnerabilities than the ones listed in the application. Requirements: In the hosts file of your attacker machine create an entry for dvws.local to point at the IP address hosting the DVWS application. The application requires Apache + PHP + MySQL, PHP with MySQLi support, Ratchet, and ReactPHP-MySQL. Install 'Ratchet' and 'ReactPHP-MySQL' using composer. Set the MySQL hostname, username, password, and an existing database name in the includes/connect-db.php file then go to Setup to finish setting up DVWS. Running DVWS: On the host running this application, run the following command from DVWS directory: php ws-socket.php --heartbeat-interval <sec>
FEATURES
ALTERNATIVES
The Contrast Runtime Security Platform is a suite of application security tools that integrates security into the software development lifecycle and production environments, including IAST, SAST, RASP, and SCA capabilities.
An open-source web application security scanner framework that identifies vulnerabilities in web applications.
Reformat and re-indent bookmarklets, ugly JavaScript, and unpack scripts with options available via UI.
Real-time, eBPF-based Security Observability and Runtime Enforcement component
Emulates browser functionality to detect exploits targeting browser vulnerabilities.
Cutting-edge technology for developing security applications within the Linux kernel.
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
System Two Security
An AI-powered platform that automates threat hunting and analysis by processing cyber threat intelligence and generating customized hunt packages for SOC teams.
Aikido Security
Aikido is an all-in-one security platform that combines multiple security scanning and management functions for cloud-native applications and infrastructure.
Permiso
Permiso is an Identity Threat Detection and Response platform that provides comprehensive visibility and protection for identities across multiple cloud environments.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.