w3af
w3af is an open source web application security scanner that helps developers and penetration testers identify and exploit vulnerabilities in their web applications. The scanner can identify 200+ vulnerabilities, including Cross-Site Scripting, SQL injection, and OS commanding. Contributions are welcome, and the project is sponsored by Holm Security for automated vulnerability assessment.
FEATURES
ALTERNATIVES
A guide to brute forcing DVWA on the high security level with anti-CSRF tokens
Dnscan is a DNS reconnaissance tool that performs DNS scans, DNS cache snooping, and DNS amplification attack detection.
A free and open-source tool for identifying vulnerabilities in Joomla-based websites.
Python-based extension for integrating a Yara scanner into Burp Suite for on-demand website scans based on custom rules.
The Node.js Bug Bounty Program is a program aimed at identifying and fixing security vulnerabilities in the Node.js ecosystem.
Fuzzapi is a Rails application with a user-friendly UI for API_Fuzzer gem and Docker setup.
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
RoboShadow
A cybersecurity platform that offers vulnerability scanning, Windows Defender and 3rd party AV management, and MFA compliance reporting, among other features.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.