Free
npm-scan View npm-scan
iOS application for testing iOS penetration testing skills in a legal environment.
Vulnerability Management
Proactively identify and fix security weaknesses to prevent cyber threats and protect your assets.
Try these 172 AI Vulnerability Management Tools
Free
npm-zoo View npm-zoo
A free and open-source deliberately insecure web application for security enthusiasts, developers, and students to discover and prevent web vulnerabilities.
Free
NxSAM View NxSAM
Platform for users to test cybersecurity skills by exploiting vulnerabilities.
Free
Nucleus Security Platform View Nucleus Security Platform
A free and open-source deliberately insecure web application for security enthusiasts, developers, and students to discover and prevent web vulnerabilities.
Free
Nuclei View Nuclei
A Pythonic interface to the Internet Storm Center / DShield API
Free
ocaml-yara by Elastic View ocaml-yara by Elastic
A demonstration site for the Acunetix Web Vulnerability Scanner, intentionally vulnerable to various web-based attacks.
Free
OpenRedireX View OpenRedireX
Threat intelligence and digital risk protection platform
Free
Opus View Opus
An open-source tool for finding security vulnerabilities, compliance issues, and infrastructure misconfigurations in infrastructure-as-code
Free
Otseca View Otseca
A JavaScript scanner built in PHP for scraping URLs and other information.
Free
OverTheWire: Vortex View OverTheWire: Vortex
LeakIX is a red-team search engine that indexes mis-configurations and vulnerabilities online.
Free
OWASP API Security Top 10 View OWASP API Security Top 10
A non-profit organization focused on improving the security of software through resources and training.
Free
OWASP Application Security Wiki View OWASP Application Security Wiki
Linux Exploit Suggester; suggests possible exploits based on the Linux operating system release number.
Free
OWASP Bricks View OWASP Bricks
Pac-resolver, a popular NPM package with 3 million weekly downloads, has a severe remote code execution flaw.
Free
OWASP Foundation View OWASP Foundation
Advanced vulnerability assessment tool for gaining visibility and preventing cyber attacks.
Free
OWASP Joomla Vulnerability Scanner View OWASP Joomla Vulnerability Scanner
An OSINT tool that generates username lists for companies on LinkedIn for social engineering attacks or security testing purposes.
Free
OWASP TOP 10 Presentation View OWASP TOP 10 Presentation
Vulnerability scanner for Linux/FreeBSD, written in Go, agent-less, informs users of vulnerabilities related to the system and affected servers.
Free
pac-resolver View pac-resolver
FullHunt is a next-generation attack surface security platform that enables companies to discover, monitor, and secure their external attack surfaces.
Free
Packet Storm Exploits for April 2024 View Packet Storm Exploits for April 2024
tfsec is being replaced by Trivy, a more comprehensive open-source security solution
Free
Pagodo View Pagodo
A hosted web application security testing tool that enables security researchers to register, activate their accounts, and scan web applications for vulnerabilities.
Free
ParamPamPam View ParamPamPam
tfsec is being replaced by Trivy, a more comprehensive open-source security solution
Free
Paros View Paros
Open source security auditing tool to search and dump system configuration.
Free
PayPal Donate View PayPal Donate
Weekly security newsletter with advisories from major software vendors
Free
Phoenix View Phoenix
Automate your reconnaissance process with AttackSurfaceMapper, a tool for mapping and analyzing network attack surfaces.
Free
PlumHound View PlumHound
A ruby script that scans for vulnerable 3rd-party web applications