Free
JS-Scan
An automated web application security scanner that evaluates JavaScript library vulnerabilities and HTTP security headers to assess website security posture.
Vulnerability Management
Proactively identify and fix security weaknesses to prevent cyber threats and protect your assets.
Try these 172 AI Vulnerability Management Tools
Free
KICS
Script to find exploits for vulnerable software packages on Linux systems using an exploit database.
Free
Krypton
A tool to find and search for registered CVEs, creating a local CVE database for offline use.
Free
kube-hunter
A disclosure of a bug found in Twitter's Vine and the process of procuring the source code.
Free
Lambda-Proxy
A free and open-source tool for identifying vulnerabilities in Joomla-based websites.
Free
LeakIX
A comprehensive database of exploits and vulnerabilities for researchers and professionals
Free
LinkedInt
Cloud-based service for testing and analyzing Android and iOS apps for malware, vulnerabilities, and security threats.
Free
Linkedin2username
A comprehensive database of exploits and vulnerabilities for researchers and professionals
Free
Linux Exploit Suggester 2
iOS application for testing iOS penetration testing skills in a legal environment.
Free
Linux Exploit Suggester
Crt.sh is a website that allows users to search for SSL/TLS certificates of a targeted domain, providing transparency into certificate logs.
Free
Linux Exploit Suggester (LES)
A multithreaded vulnerability scanner for web-based applications
Free
Linux Soft Exploit Suggester
A free and open-source deliberately insecure web application for security enthusiasts, developers, and students to discover and prevent web vulnerabilities.
Free
Free
MCIR
A tool for scanning and identifying potential security risks in GitHub organizations, users, and repositories.
Free
MetaHub
The Node.js Bug Bounty Program is a program aimed at identifying and fixing security vulnerabilities in the Node.js ecosystem.
Free
Metasploitable3
Linux Exploit Suggester; suggests possible exploits based on the Linux operating system release number.
Free
Mobile Sandbox
SecurityVulnerability.io simplifies the process of collecting, enriching, and presenting vulnerability information for both human and machine consumption.
Free
Nessus Professional
A tool that checks for hijackable packages in NPM and Python Pypi registries
Free
Free
NMAP
A tool to run YARA rules against node_module folders to identify suspicious scripts
Free
Node.js Bug Bounty Program
A non-profit organization focused on improving the security of software through resources and training.
Free
NoSQLMap
A tool that finds unprotected secrets in container images or file systems, matching against a database of 140 secret types.