ZAP The Zed Attack Proxy
ZAP The Zed Attack Proxy is one of the world’s most popular free security tools and is actively maintained by a dedicated international team of volunteers. It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. It's also a great tool for experienced pentesters to use for manual security testing. For more details about ZAP see the new ZAP website at zaproxy.org
FEATURES
ALTERNATIVES
A full python tool for analyzing Android files with various functionalities.
Reformat and re-indent bookmarklets, ugly JavaScript, and unpack scripts with options available via UI.
A next-generation web scanner that identifies websites and recognizes web technologies, including content management systems, blogging platforms, and more.
Yaramod is a library for parsing YARA rules into AST and building new YARA rulesets with C++ programming interface.
Octoscan is a static analysis tool that scans GitHub Actions workflows for security vulnerabilities and misconfigurations.
Utility for comparing control flow graph signatures to Android methods with scanning capabilities for malicious applications.
Static code analyzer for Infrastructure as Code with 500+ security policies and support for various IaC tools and cloud platforms.
PINNED
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.