Application Security

AI SecurityApplication SecurityAPI SecurityCloud SecurityVulnerability Intelligence

EnforsterAI

AI-native SAST tool for code security, detecting vulnerabilities, secrets, IaC issues, and AI model security with actionable AI fixes.

AI Static Analysis API Cloud Web+1

Application Security

Visit Website

EvilWAF

Details

EvilWAF is a penetration testing tool designed to detect and bypass common Web Application Firewalls (WAFs).

Web

Application SecurityReporting

Visit Website

Faction Security

Details

Automate PenTest reporting and AppSec Posture Management (ASPM) for penetration testers, red teams, and application security teams.

Report

ReconnaissanceApplication Security

Visit Website

Feroxbuster

Details

Feroxbuster is a fast, simple, recursive content discovery tool written in Rust, designed for forced browsing.

Web Bug Bounty

Reverse EngineeringApplication SecurityExploit Development

Visit Website

Frida

Details

Frida is a dynamic instrumentation toolkit for developers, reverse-engineers, and security researchers to analyze and modify application behavior.

Mobile

Application Security

Visit Website

Ghauri

Details

Ghauri is a cross-platform tool for detecting and exploiting SQL injection flaws, automating the process for security professionals.

Web Bug Bounty

Application SecurityCloud Security

Visit Website

Gitleaks

Details

Gitleaks detects secrets like passwords, API keys, and tokens in git repositories, files, and standard input.

Static Analysis

Application SecurityReconnaissanceInfrastructure Security

Visit Website

Gobuster

Details

Gobuster is a tool to brute-force URIs, DNS subdomains, and virtual hostnames, aiding in web application reconnaissance.

Web External Bug Bounty Classification

API SecurityApplication Security

Visit Website

GraphQLmap

Details

GraphQLmap is a scripting engine for GraphQL endpoint pentesting, automating queries and fuzzing for vulnerabilities.

API

Application SecurityReconnaissance

Visit Website

Grep by Vercel

Details

Grep is a code search tool by Vercel that allows users to search code, files, and paths across a million public GitHub repositories.

OSINT

Infrastructure SecurityApplication SecurityRed Team Operations

Visit Website

HORIZON3.ai

Details

Next‑gen autonomous penetration testing with NodeZero®—Horizon3.ai uncovers real‑world attack paths across cloud, on‑prem, and hybrid environments without human intervention.

Internal External Services

Application Security

Visit Website

Interactsh

Details

Interactsh is a tool and service for capturing and handling out-of-band interactions during security testing.

Internal Web API

Category

Explore by categories

All

AI Security

API Security