PortSwigger
Burp Suite is a comprehensive toolkit for web application security testing, offering a range of products and solutions for identifying vulnerabilities, improving security posture, and enabling DevSecOps. The platform provides a dynamic web vulnerability scanner, manual tools for web security testing, and a web application security scanning solution for CI/CD. Additionally, Burp Suite offers a free online training center, the Web Security Academy, which provides interactive labs and learning materials for web application security. The platform's products include Burp Suite Enterprise Edition, Burp Suite Professional, and Burp Suite Community Edition, each catering to different needs and use cases. The solutions offered by Burp Suite cover application security testing, penetration testing, automated scanning, bug bounty hunting, and compliance, among others. The Web Security Academy provides a flexible learning path with interactive labs and progress-tracking, produced by a world-class team of experts in web application security.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
A modular Python tool that obfuscates Android applications by manipulating decompiled smali code, resources, and manifest files without requiring source code access.
A PHP port of Rack::Honeypot, a spam trap that detects and blocks spambots
Bearer CLI is a static application security testing tool that scans source code across multiple programming languages to identify and prioritize OWASP Top 10 and CWE Top 25 security vulnerabilities through data flow analysis.
AndroBugs Framework is an Android vulnerability analysis system that scans mobile applications for security vulnerabilities, missing best practices, and dangerous shell commands.
Grafeas is an API specification for managing and auditing metadata about software resources across the software supply chain.
A brute-force protection middleware for express routes that rate-limits incoming requests.
A Nuxt 3 security module that automatically implements OWASP security patterns through HTTP headers, middleware, and various protection mechanisms including CSP, XSS validation, CORS, and CSRF protection.
GuardDog is a CLI tool that identifies malicious PyPI and npm packages using heuristics-based analysis of source code and metadata.
Search engine for open-source Git repositories with advanced features like case sensitivity and regular expressions.
PINNED
A cybersecurity platform that offers vulnerability scanning, Windows Defender and 3rd party AV management, and MFA compliance reporting, among other features.
Proton Pass is a cross-platform password manager that provides encrypted storage, password generation, and security monitoring features with integrated 2FA and dark web monitoring capabilities.
NordVPN is a commercial VPN service that encrypts internet connections and hides IP addresses through a global network of servers, featuring integrated threat protection and multi-device support.
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.