Application Security focuses on identifying and mitigating vulnerabilities within web and software applications. This category includes tools, techniques, and methodologies for assessing input validation, authentication, access control, and other common security flaws across web, API, and desktop environments. Topics like OWASP Top 10, SAST/DAST tools, secure coding, and automated scanners fall under this domain.
WPScan is a vulnerability database and security scanner for WordPress, helping users identify and address security risks in their WP sites.
AI-powered penetration testing platform that scales offensive security, discovers vulnerabilities, and validates exploits with AI agents.
AppSec for an AI-First World One AI-powered platform that detects, prioritizes, and remediate vulnerabilities and malware end-to-end without the traditional AppSec overhead.
A recursive internet scanner for hackers, designed to automate Recon, Bug Bounties, and ASM with a focus on comprehensive subdomain enumeration.
Hunt for AI coding artifacts containing secrets by scanning public GitHub repositories for leaked credentials in AI coding tool configuration files.
ffuf is a fast web fuzzer written in Go, designed for content discovery and web application security testing.
httpx is a fast and multi-purpose HTTP toolkit for reconnaissance, probing, and information gathering with retries and backoffs.
objection is a runtime mobile exploration toolkit for assessing mobile app security posture without needing a jailbreak.
reNgine is an automated web reconnaissance framework streamlining the recon process for security professionals and bug bounty hunters.
reconFTW automates reconnaissance, subdomain enumeration, and vulnerability checks, providing comprehensive target information.
