OWASP Foundation: Open source application security, providing resources, tools, and community for secure software development.
PortSwigger offers web application security tools, testing resources, and training to identify the latest vulnerabilities.
Probely is an automated web application and API vulnerability scanner designed for agile teams to automate security testing in their SDLC.
Free web application security training platform by PortSwigger, offering learning materials, labs, and progress tracking for cybersecurity professionals.
APKHunt is a static code analysis tool for Android apps based on OWASP MASVS, helping developers and security testers find vulnerabilities.
Arjun is an HTTP parameter discovery suite to find valid web parameters and uncover hidden endpoints.
A comprehensive community-developed list of common software and hardware weaknesses to help identify and mitigate security issues.
Corellium provides virtualized iOS, Android, and Arm devices for accelerated security testing, research, and DevSecOps.
CyberChef is a web app for encryption, encoding, compression, and data analysis, offering a wide range of operations in a drag-and-drop interface.
Dalfox is a powerful open-source XSS scanner and utility focused on automation, designed for detecting and verifying XSS vulnerabilities.
Automate PenTest reporting and AppSec Posture Management (ASPM) for penetration testers, red teams, and application security teams.
Feroxbuster is a fast, simple, recursive content discovery tool written in Rust, designed for forced browsing.