Application Security

Qualys SSL Labs

Qualys SSL Labs provides a free online service to perform deep analysis of the configuration of any SSL web server on the public Internet.

Web

Application Security

Visit Website

Retire.js

Details

Retire.js: Scans web/Node.js apps for vulnerable JS libraries & generates SBOMs, aiding in identifying & mitigating security risks.

Web Static Analysis

Application SecurityCloud SecurityInfrastructure SecurityRed Team Operations

Visit Website

SecLists

Details

SecLists is a collection of multiple types of lists used during security assessments, collected in one place for easy access.

Bug Bounty Web External Internal

Application Security

Visit Website

Snyk

Details

Snyk is a developer-first security platform that finds and fixes vulnerabilities in code, dependencies, containers, and infrastructure as code.

Web

Security FirmsReportingApplication SecurityInfrastructure Security

Visit Website

Tenable

Details

Tenable's exposure management platform helps organizations find, prioritize, and fix cyber risks across IT, cloud, OT, and identity environments.

API Report Web Services External+3

Application Security

Visit Website

Threat Dragon

Details

OWASP Threat Dragon is a free, open-source threat modeling tool for creating threat model diagrams and listing threats.

Static Analysis

Application SecurityCloud Security

Visit Website

Truffle Security

Details

Truffle Security provides open-source and enterprise solutions for detecting and remediating leaked keys and credentials across the SDLC.

Web Bug Bounty Cloud

Application SecurityReconnaissance

Visit Website

WAFW00F

Details

WAFW00F identifies and fingerprints Web Application Firewall (WAF) products protecting a website using various detection methods.

Web

Application SecurityInfrastructure SecurityReporting

Visit Website

WPScan

Details

WPScan is a vulnerability database and security scanner for WordPress, helping users identify and address security risks in their WP sites.

Web Report Services External

Application Security

Visit Website

XSStrike

Details

XSStrike is an advanced XSS detection suite with intelligent payload generation, fuzzing engine, and fast crawler for web security.

Web Bug Bounty

Application SecurityReconnaissance

Visit Website

ffuf

Details

ffuf is a fast web fuzzer written in Go, designed for content discovery and web application security testing.

Web Bug Bounty External

ReconnaissanceApplication SecurityBug Bounty

Visit Website

httpx

Details

httpx is a fast and multi-purpose HTTP toolkit for reconnaissance, probing, and information gathering with retries and backoffs.

OSINT Bug Bounty

Category

Explore by categories

All

AI Security

API Security