Application Security

Application SecurityAPI Security

Dalfox

Dalfox is a powerful open-source XSS scanner and utility focused on automation, designed for detecting and verifying XSS vulnerabilities.

Web Bug Bounty Static Analysis API

Application Security

Visit Website

Dryrun Security

Details

AI-powered security agents that detect logic flaws, authorization gaps, and IDOR, preventing code risks in modern applications.

Static Analysis

AI SecurityApplication SecurityAPI SecurityCloud SecurityVulnerability Intelligence

Visit Website

EnforsterAI

Details

AI-native SAST tool for code security, detecting vulnerabilities, secrets, IaC issues, and AI model security with actionable AI fixes.

AI Static Analysis API Cloud Web+1

Application Security

Visit Website

EvilWAF

Details

EvilWAF is a penetration testing tool designed to detect and bypass common Web Application Firewalls (WAFs).

Web

Application SecurityReporting

Visit Website

Faction Security

Details

Automate PenTest reporting and AppSec Posture Management (ASPM) for penetration testers, red teams, and application security teams.

Report

ReconnaissanceApplication Security

Visit Website

Feroxbuster

Details

Feroxbuster is a fast, simple, recursive content discovery tool written in Rust, designed for forced browsing.

Web Bug Bounty

Reverse EngineeringApplication SecurityExploit Development

Visit Website

Frida

Details

Frida is a dynamic instrumentation toolkit for developers, reverse-engineers, and security researchers to analyze and modify application behavior.

Mobile

Application Security

Visit Website

Ghauri

Details

Ghauri is a cross-platform tool for detecting and exploiting SQL injection flaws, automating the process for security professionals.

Web Bug Bounty

Application SecurityCloud Security

Visit Website

Gitleaks

Details

Gitleaks detects secrets like passwords, API keys, and tokens in git repositories, files, and standard input.

Static Analysis

Application SecurityReconnaissanceInfrastructure Security

Visit Website

Gobuster

Details

Gobuster is a tool to brute-force URIs, DNS subdomains, and virtual hostnames, aiding in web application reconnaissance.

Web External Bug Bounty Classification

API SecurityApplication Security

Visit Website

GraphQLmap

Details

GraphQLmap is a scripting engine for GraphQL endpoint pentesting, automating queries and fuzzing for vulnerabilities.

API

Application SecurityReconnaissance

Visit Website

Grep by Vercel

Details

Grep is a code search tool by Vercel that allows users to search code, files, and paths across a million public GitHub repositories.

OSINT

Category

Explore by categories

All

AI Security

API Security