Application Security

Application SecurityInfrastructure SecurityReporting

Nessus Essentials

Nessus Essentials is a free vulnerability scanner by Tenable, offering high-speed, in-depth scanning for up to 16 IP addresses.

Report Internal External

Application SecurityReconnaissance

Visit Website

Nikto

Details

Nikto is an open-source web server scanner that performs comprehensive tests against web servers for multiple vulnerabilities.

Web External

Application Security

Visit Website

Nuclei

Details

Nuclei is a fast, customizable vulnerability scanner using YAML templates to detect vulnerabilities in applications, networks, and cloud.

Bug Bounty Web External

Bug BountyApplication SecurityReconnaissance

Visit Website

Nuclei Templates

Details

Community-curated templates for the Nuclei scanner to find security vulnerabilities in applications. Enhance your security testing.

Bug Bounty Web OSINT

image of OWASP Web Security Testing Guide

Application SecurityTraining

Visit Website

OWASP Web Security Testing Guide

Details

A comprehensive guide to testing the security of web applications and web services, providing a framework of best practices.

Web Training

ReconnaissanceApplication Security

Visit Website

Osmedeus

Details

Osmedeus is a workflow engine for offensive security, designed to build customizable reconnaissance systems for large-scale targets.

Bug Bounty Web

Application Security

Visit Website

Payloads All The Things

Details

A comprehensive collection of payloads and bypasses for web application security testing and exploitation.

Web Bug Bounty API External

Application SecurityAPI Security

Visit Website

Postman

Details

Postman: The leading API platform for building and using APIs. Streamline collaboration and simplify the API lifecycle.

API Web Mobile

ReconnaissanceApplication SecurityBug Bounty

Visit Website

ProjectDiscovery

Details

ProjectDiscovery offers real-time vulnerability detection, asset discovery, and customizable exploit detection for streamlined security workflows.

OSINT Bug Bounty

Application Security

Visit Website

Qualys SSL Labs

Details

Qualys SSL Labs provides a free online service to perform deep analysis of the configuration of any SSL web server on the public Internet.

Web

Application Security

Visit Website

Retire.js

Details

Retire.js: Scans web/Node.js apps for vulnerable JS libraries & generates SBOMs, aiding in identifying & mitigating security risks.

Web Static Analysis

Application SecurityCloud SecurityInfrastructure SecurityRed Team Operations

Visit Website

SecLists

Details

SecLists is a collection of multiple types of lists used during security assessments, collected in one place for easy access.

Bug Bounty Web External Internal

Category

Explore by categories

All

AI Security

API Security