All Cybersecurity Tools
Browse the full catalog of security solutions, from endpoint protection to cloud security.
Browse 14,133 all cybersecurity tools tools
FEATURED
ALL TOOLS
DOMdig is a DOM XSS scanner that uses static analysis, dynamic analysis, and fuzz testing to detect and exploit Cross-Site Scripting vulnerabilities in Single Page Applications.
DOMdig is a DOM XSS scanner that uses static analysis, dynamic analysis, and fuzz testing to detect and exploit Cross-Site Scripting vulnerabilities in Single Page Applications.
A Burp Suite extension that passively scans JavaScript files to discover endpoint links and potential attack surfaces in web applications.
A Burp Suite extension that passively scans JavaScript files to discover endpoint links and potential attack surfaces in web applications.
An automated reconnaissance tool that crawls domains to discover URLs and scan for exposed secrets, API keys, and sensitive files during security assessments.
An automated reconnaissance tool that crawls domains to discover URLs and scan for exposed secrets, API keys, and sensitive files during security assessments.
A command-line tool that scans textual data and Git history to identify and locate secrets, API keys, passwords, and other sensitive information.
A command-line tool that scans textual data and Git history to identify and locate secrets, API keys, passwords, and other sensitive information.
Maintaining account persistence via XSS and Oauth
A toolkit for testing, tweaking and cracking JSON Web Tokens
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
Secret Bridge monitors GitHub repositories to detect and alert on leaked secrets and sensitive data exposure.
Secret Bridge monitors GitHub repositories to detect and alert on leaked secrets and sensitive data exposure.
A tool for performing subdomain enumeration using Censys API
A tool for performing subdomain enumeration using Censys API
A specialized scanner that detects XSS vulnerabilities in older versions of Swagger-ui implementations.
A specialized scanner that detects XSS vulnerabilities in older versions of Swagger-ui implementations.
A tool for Local File Inclusion (LFI) exploitation and scanning
LinksDumper extracts links and endpoints from HTTP responses to support web application security testing and reconnaissance activities.
LinksDumper extracts links and endpoints from HTTP responses to support web application security testing and reconnaissance activities.
A python open source CMS scanner that automates the process of detecting security flaws of the most popular CMSs.
A python open source CMS scanner that automates the process of detecting security flaws of the most popular CMSs.
A tool for collecting and analyzing screenshots from remote desktop protocols, web applications, and VNC connections.
A tool for collecting and analyzing screenshots from remote desktop protocols, web applications, and VNC connections.
A powerful tool for finding and exploiting subdomain takeover vulnerabilities
A powerful tool for finding and exploiting subdomain takeover vulnerabilities
A tool for detecting and taking over subdomains with dead DNS records
A directory traversal fuzzer for finding and exploiting directory traversal vulnerabilities.
A directory traversal fuzzer for finding and exploiting directory traversal vulnerabilities.
Femida is a Python automation tool that integrates with Burp Suite to detect blind XSS vulnerabilities in web applications through HTTP request analysis.
Femida is a Python automation tool that integrates with Burp Suite to detect blind XSS vulnerabilities in web applications through HTTP request analysis.
A tool to embed XXE and XSS payloads in various file formats
A smart SSRF scanner using different methods like parameter brute forcing in post and get requests.
A smart SSRF scanner using different methods like parameter brute forcing in post and get requests.
A front-end JavaScript toolkit for creating DNS rebinding attacks
A front-end JavaScript toolkit for creating DNS rebinding attacks
Jaeles is an automated web application testing tool that helps identify vulnerabilities and security issues through customizable testing scenarios.
Jaeles is an automated web application testing tool that helps identify vulnerabilities and security issues through customizable testing scenarios.
