w3af
Open source web application security scanner with 200+ vulnerability identification capabilities.
SSLyze is a fast and powerful SSL/TLS scanning tool and Python library that can analyze the SSL/TLS configuration of a server to ensure strong encryption settings and protection against known TLS attacks. It focuses on speed and reliability, can be easily integrated into CI/CD pipelines, offers a fully documented Python API, supports scanning non-HTTP servers, and allows results to be saved in a JSON file.
Open source web application security scanner with 200+ vulnerability identification capabilities.
A tool to run YARA rules against node_module folders to identify suspicious scripts
NoSQLMap is a Python tool for auditing and automating injection attacks on NoSQL databases.
A vulnerable web site in NodeJS for testing security source code analyzers.
An open-source attack surface management platform for identifying and managing vulnerabilities
A JavaScript scanner built in PHP for scraping URLs and other information.