Free
npm-scan
iOS application for testing iOS penetration testing skills in a legal environment.
Vulnerability Management
Proactively identify and fix security weaknesses to prevent cyber threats and protect your assets.
Try these 172 AI Vulnerability Management Tools
Free
npm-zoo
A free and open-source deliberately insecure web application for security enthusiasts, developers, and students to discover and prevent web vulnerabilities.
Free
NxSAM
Platform for users to test cybersecurity skills by exploiting vulnerabilities.
Free
Nucleus Security Platform
A free and open-source deliberately insecure web application for security enthusiasts, developers, and students to discover and prevent web vulnerabilities.
Free
Free
ocaml-yara by Elastic
A demonstration site for the Acunetix Web Vulnerability Scanner, intentionally vulnerable to various web-based attacks.
Free
Opus
An open-source tool for finding security vulnerabilities, compliance issues, and infrastructure misconfigurations in infrastructure-as-code
Free
Otseca
A JavaScript scanner built in PHP for scraping URLs and other information.
Free
OverTheWire: Vortex
LeakIX is a red-team search engine that indexes mis-configurations and vulnerabilities online.
Free
OWASP API Security Top 10
A non-profit organization focused on improving the security of software through resources and training.
Free
OWASP Application Security Wiki
Linux Exploit Suggester; suggests possible exploits based on the Linux operating system release number.
Free
OWASP Bricks
Pac-resolver, a popular NPM package with 3 million weekly downloads, has a severe remote code execution flaw.
Free
OWASP Foundation
Advanced vulnerability assessment tool for gaining visibility and preventing cyber attacks.
Free
OWASP Joomla Vulnerability Scanner
An OSINT tool that generates username lists for companies on LinkedIn for social engineering attacks or security testing purposes.
Free
OWASP TOP 10 Presentation
Vulnerability scanner for Linux/FreeBSD, written in Go, agent-less, informs users of vulnerabilities related to the system and affected servers.
Free
pac-resolver
FullHunt is a next-generation attack surface security platform that enables companies to discover, monitor, and secure their external attack surfaces.
Free
Packet Storm Exploits for April 2024
tfsec is being replaced by Trivy, a more comprehensive open-source security solution
Free
Pagodo
A hosted web application security testing tool that enables security researchers to register, activate their accounts, and scan web applications for vulnerabilities.
Free
ParamPamPam
tfsec is being replaced by Trivy, a more comprehensive open-source security solution
Free
Paros
Open source security auditing tool to search and dump system configuration.
Free
PayPal Donate
Weekly security newsletter with advisories from major software vendors
Free
Phoenix
Automate your reconnaissance process with AttackSurfaceMapper, a tool for mapping and analyzing network attack surfaces.
Free
PlumHound
A ruby script that scans for vulnerable 3rd-party web applications