Category

Offline security checklist & report generator with 200+ tests across web, cloud, WiFi, firmware, and AI security domains.

SecLists is a collection of multiple types of lists used during security assessments, collected in one place for easy access.

See-SURF is an AI-powered security tool designed to find and validate potential Server Side Request Forgery (SSRF) parameters in web applications.

ShipSec Studio is an open-source security workflow orchestration platform designed for building, executing, and monitoring automated security workflows at scale.

Snyk is a developer-first security platform that finds and fixes vulnerabilities in code, dependencies, containers, and infrastructure as code.

Tenable's exposure management platform helps organizations find, prioritize, and fix cyber risks across IT, cloud, OT, and identity environments.

Agentic AI-powered continuous penetration testing as a service (PTaaS) platform that combines AI scale with human supervision.

OWASP Threat Dragon is a free, open-source threat modeling tool for creating threat model diagrams and listing threats.

Titus is a high-performance secrets scanner that detects credentials, API keys, and tokens in source code, files, and git history with 459 detection rules and live credential validation.

Truffle Security provides open-source and enterprise solutions for detecting and remediating leaked keys and credentials across the SDLC.

WAFW00F identifies and fingerprints Web Application Firewall (WAF) products protecting a website using various detection methods.

WPScan is a vulnerability database and security scanner for WordPress, helping users identify and address security risks in their WP sites.