StackHawk
StackHawk is a Dynamic Application Security Testing (DAST) platform designed for API and web application security testing. The tool integrates into CI/CD pipelines to perform automated security testing during the development process. It provides capabilities for: - API security testing across REST, GraphQL, gRPC, and SOAP APIs - Vulnerability scanning and detection - Local development testing - Integration with development tools like GitHub, JIRA, and Azure DevOps - Security issue triaging and prioritization - API discovery and attack surface mapping The platform enables development teams to identify and fix security vulnerabilities early in the software development lifecycle, with features for continuous testing and monitoring of applications in pre-production environments.
FEATURES
ALTERNATIVES
A tool that safely installs packages with npm/yarn by auditing them as part of your install process.
Veracode is an intelligent software security platform that helps developers and security teams secure code, find and fix flaws, and automate remediation.
Octoscan is a static analysis tool that scans GitHub Actions workflows for security vulnerabilities and misconfigurations.
A web-based tool for instrumenting and analyzing Android applications using Flask, Jinja, and Redis.
Emulates browser functionality to detect exploits targeting browser vulnerabilities.
QIRA is a competitor to strace and gdb with MIT license, supporting Ubuntu and Docker for wider compatibility.
A command-line tool that scans NPM packages and ZIP files to detect exposed secrets and sensitive credentials in source code and configuration files.
BunkerWeb is a next-generation and open-source Web Application Firewall (WAF) with seamless integration and user-friendly customization options.
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
RoboShadow
A cybersecurity platform that offers vulnerability scanning, Windows Defender and 3rd party AV management, and MFA compliance reporting, among other features.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.