Category

A comprehensive guide to testing the security of web applications and web services, providing a framework of best practices.

Opengrep is a static code analysis engine for finding security issues in code, supporting 30+ languages and customizable rules.

Osmedeus is a workflow engine for offensive security, designed to build customizable reconnaissance systems for large-scale targets.

A comprehensive collection of payloads and bypasses for web application security testing and exploitation.

Postman: The leading API platform for building and using APIs. Streamline collaboration and simplify the API lifecycle.

Probely is an automated web application and API vulnerability scanner designed for agile teams to automate security testing in their SDLC.

ProjectDiscovery offers real-time vulnerability detection, asset discovery, and customizable exploit detection for streamlined security workflows.

ProxyOrb offers a free web proxy and online proxy browser for secure, anonymous access to blocked websites, featuring military-grade encryption.

Qualys SSL Labs provides a free online service to perform deep analysis of the configuration of any SSL web server on the public Internet.

Retire.js: Scans web/Node.js apps for vulnerable JS libraries & generates SBOMs, aiding in identifying & mitigating security risks.

AI-driven pentesting platform automating hacker intuition to find vulnerabilities before exploits, reducing discovery costs.

AI-infused API Security solution for the entire API lifecycle, from discovery and posture management to threat protection, including AI Agents.