Category

Commix is an open-source penetration testing tool for detecting and exploiting command injection vulnerabilities in web applications.

Corellium provides virtualized iOS, Android, and Arm devices for accelerated security testing, research, and DevSecOps.

CyberChef is a web app for encryption, encoding, compression, and data analysis, offering a wide range of operations in a drag-and-drop interface.

DLLHijackHunter is an automated scanner that uses canary DLLs to confirm hijacking vulnerabilities, UAC bypasses, and privilege escalation on Windows.

Dalfox is a powerful open-source XSS scanner and utility focused on automation, designed for detecting and verifying XSS vulnerabilities.

AI-powered security agents that detect logic flaws, authorization gaps, and IDOR, preventing code risks in modern applications.

AI-native SAST tool for code security, detecting vulnerabilities, secrets, IaC issues, and AI model security with actionable AI fixes.

EvilWAF is a penetration testing tool designed to detect and bypass common Web Application Firewalls (WAFs).

Automate PenTest reporting and AppSec Posture Management (ASPM) for penetration testers, red teams, and application security teams.

Feroxbuster is a fast, simple, recursive content discovery tool written in Rust, designed for forced browsing.

Frida is a dynamic instrumentation toolkit for developers, reverse-engineers, and security researchers to analyze and modify application behavior.

Ghauri is a cross-platform tool for detecting and exploiting SQL injection flaws, automating the process for security professionals.