The web-application vulnerability scanner Wapiti allows you to audit the security of your websites or web applications. It performs 'black-box' scans by crawling webpages, looking for scripts and forms where it can inject data, and acts like a fuzzer to test for vulnerabilities. Wapiti modules cover SQL injection, cross-site scripting, file disclosure, command execution, XXE injection, CRLF injection, Shellshock, server-side request forgery, and more.
SIMILAR TOOLS
Amass by OWASP performs comprehensive attack surface mapping and asset discovery.
A utility for testing AWS Lambda functions for SQL Injection vulnerabilities using SQLMap attacks.
A comprehensive database of exploits and vulnerabilities for researchers and professionals.
Script to find exploits for vulnerable software packages on Linux systems using an exploit database.
A local privilege escalation vulnerability in the Linux kernel known for its catchy name and potential damage.
Nmap is an essential network scanning tool used for network security auditing and status monitoring.
A presentation about the OWASP Top 10, a list of the most critical security risks to web applications.
Linux privilege escalation auditing tool for detecting security deficiencies in Linux kernels.