Tag

Web

Tools and methodologies for web application security testing, including injection flaws, authentication issues, access control weaknesses, and client/server-side vulnerabilities.

Back to tags

image of CWE Common Weakness Enumeration

ReportingApplication Security

Visit Website

CWE Common Weakness Enumeration

Details

A comprehensive community-developed list of common software and hardware weaknesses to help identify and mitigate security issues.

Report Web

Application Security

Visit Website

Commix

Details

Commix is an open-source penetration testing tool for detecting and exploiting command injection vulnerabilities in web applications.

Web

Reverse EngineeringApplication Security

Visit Website

CyberChef

Details

CyberChef is a web app for encryption, encoding, compression, and data analysis, offering a wide range of operations in a drag-and-drop interface.

Web Mobile Bug Bounty

Application SecurityAPI Security

Visit Website

Dalfox

Details

Dalfox is a powerful open-source XSS scanner and utility focused on automation, designed for detecting and verifying XSS vulnerabilities.

Web Bug Bounty Static Analysis API

TrainingCertifications

Visit Website

EC-Council

Details

EC-Council offers cybersecurity courses online, providing industry-recognized certifications and training for career advancement.

Training Certifications Web Internal Services+1

AI SecurityApplication SecurityAPI SecurityCloud SecurityVulnerability Intelligence

Visit Website

EnforsterAI

Details

AI-native SAST tool for code security, detecting vulnerabilities, secrets, IaC issues, and AI model security with actionable AI fixes.

AI Static Analysis API Cloud Web+1

Application Security

Visit Website

EvilWAF

Details

EvilWAF is a penetration testing tool designed to detect and bypass common Web Application Firewalls (WAFs).

Web

ReconnaissanceApplication Security

Visit Website

Feroxbuster

Details

Feroxbuster is a fast, simple, recursive content discovery tool written in Rust, designed for forced browsing.

Web Bug Bounty

Application Security

Visit Website

Ghauri

Details

Ghauri is a cross-platform tool for detecting and exploiting SQL injection flaws, automating the process for security professionals.

Web Bug Bounty

Application SecurityReconnaissanceInfrastructure Security

Visit Website

Gobuster

Details

Gobuster is a tool to brute-force URIs, DNS subdomains, and virtual hostnames, aiding in web application reconnaissance.

Web External Bug Bounty Classification

Reconnaissance

Visit Website

Intelligence X

Details

Intelligence X is a search engine and data archive for searching Tor, I2P, data leaks, and the public web by email, domain, IP, and more.

Web External

Application Security

Visit Website

Interactsh

Details

Interactsh is a tool and service for capturing and handling out-of-band interactions during security testing.

Internal Web API