parameth
This tool can be used to brute discover GET and POST parameters This tool is designed to help security researchers and penetration testers to identify potential vulnerabilities in web applications. It can be used to discover hidden parameters, test for common web vulnerabilities, and identify potential security issues. parameth is a powerful tool for anyone looking to improve the security of their web applications.
FEATURES
ALTERNATIVES
A DAST solution that performs automated security testing of APIs and web applications within development workflows and CI/CD pipelines.
Snyk Code is a real-time SAST tool that provides secure code analysis and actionable remediation advice to prevent code delays and ensure secure development.
A vulnerable by design infrastructure on Azure featuring the latest released OWASP Top 10 web application security risks (2021) and other misconfigurations.
EvoMaster is an open-source tool that automatically generates system-level test cases for web APIs using AI-driven techniques.
Runtime application security platform that provides vulnerability management, patching, and threat detection at the application level during program execution.
DVTA is a Vulnerable Thick Client Application with various security vulnerabilities.
Arnica is an application security platform that offers real-time scanning, risk mitigation, and management across various aspects of the software development lifecycle.
A popular free security tool for automatically finding security vulnerabilities in web applications
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
CTIChef.com Detection Feeds
A tiered cyber threat intelligence service providing detection rules from public repositories with varying levels of analysis, processing, and guidance for security teams.
ImmuniWeb® Discovery
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.