Application Security

API SecurityApplication Security

Visit Website

GraphQLmap

Details

GraphQLmap is a scripting engine for GraphQL endpoint pentesting, automating queries and fuzzing for vulnerabilities.

API

Application SecurityReconnaissance

Visit Website

Grep by Vercel

Details

Grep is a code search tool by Vercel that allows users to search code, files, and paths across a million public GitHub repositories.

OSINT

Infrastructure SecurityApplication SecurityRed Team Operations

Visit Website

HORIZON3.ai

Details

Next‑gen autonomous penetration testing with NodeZero®—Horizon3.ai uncovers real‑world attack paths across cloud, on‑prem, and hybrid environments without human intervention.

Internal External Services

Application Security

Visit Website

Interactsh

Details

Interactsh is a tool and service for capturing and handling out-of-band interactions during security testing.

Internal Web API

Application SecurityAPI Security

Visit Website

JWT Debugger

Details

JWT Debugger is a web application to create, encode, decode, and debug JWT (JSON Web Tokens).

Web API Static Analysis

Application Security

Visit Website

Mobile Security Framework

Details

Mobile Security Framework (MobSF) is a mobile application security assessment framework for static and dynamic analysis.

Mobile

Application SecurityAPI SecurityAI Security

Visit Website

Moxy

Details

Moxy is an open-source DAST tool with agentic AI for modern web application security testing and automated pentesting workflows.

AI API Web

Application SecurityInfrastructure SecurityReporting

Visit Website

Nessus Essentials

Details

Nessus Essentials is a free vulnerability scanner by Tenable, offering high-speed, in-depth scanning for up to 16 IP addresses.

Report Internal External

Application SecurityReconnaissance

Visit Website

Nikto

Details

Nikto is an open-source web server scanner that performs comprehensive tests against web servers for multiple vulnerabilities.

Web External

Application Security

Visit Website

Nuclei

Details

Nuclei is a fast, customizable vulnerability scanner using YAML templates to detect vulnerabilities in applications, networks, and cloud.

Bug Bounty Web External

Bug BountyApplication SecurityReconnaissance

Visit Website

Nuclei Templates

Details

Community-curated templates for the Nuclei scanner to find security vulnerabilities in applications. Enhance your security testing.

Bug Bounty Web OSINT

image of OWASP Web Security Testing Guide

Application SecurityTraining

Visit Website

OWASP Web Security Testing Guide

Details

A comprehensive guide to testing the security of web applications and web services, providing a framework of best practices.

Web Training

Category

Explore by categories

All

AI Security

API Security