Free
Sysreptor
SecurityVulnerability.io simplifies the process of collecting, enriching, and presenting vulnerability information for both human and machine consumption.
Vulnerability Management
Proactively identify and fix security weaknesses to prevent cyber threats and protect your assets.
Try these 172 AI Vulnerability Management Tools
Free
TANNER
A categorized collection of bug bounty write-ups for various vulnerabilities.
Free
testssl.sh
Audits JavaScript projects for known vulnerabilities and outdated package versions using OSS Index v3 REST API.
Free
tfsec to Trivy Migration
Threat intelligence and digital risk protection platform
Free
ThreatMapper
Crt.sh is a website that allows users to search for SSL/TLS certificates of a targeted domain, providing transparency into certificate logs.
Free
Twitter's Vine Source Code Dump
Threat intelligence and digital risk protection platform
Free
VHostScan
Crt.sh is a website that allows users to search for SSL/TLS certificates of a targeted domain, providing transparency into certificate logs.
Free
Vulcan Cyber
A hybrid mobile app for Android that intentionally contains vulnerabilities for testing and education
Free
Vulnerable Node
A tool that detects dangling DNS records in a multi-cloud environment to prevent subdomain takeovers.
Free
Vuldroid
An extensible, heuristic-based vulnerability scanning tool for installed npm packages.
Free
Wapiti
Nmap is an essential network scanning tool used for network security auditing and status monitoring.
Free
Windows 7 UAC Whitelist Code-Injection Issue
A continuous threat exposure management platform that provides automated vulnerability scanning for internet-facing assets with varying service tiers for different organizational needs.
Free
Windows Exploit Suggester
Amass by OWASP performs comprehensive attack surface mapping and asset discovery.
Free
WitnessMe
Weekly security newsletter with advisories from major software vendors
Free
WPScan
Vulnerability scanner for Linux/FreeBSD, written in Go, agent-less, informs users of vulnerabilities related to the system and affected servers.
Free
XGuardian XARA Security Scanner
CSET is a free software tool for identifying vulnerabilities in enterprise and industrial control cyber systems.
Free
Yar
A tool that automatically audits website security by crawling an entire website and identifying vulnerabilities
Free
Yara Validator
A Capture The Flag (CTF) platform for testing computer security skills
Free
Yasuo
A GitHub App that monitors GitHub organizations or repositories for adherence to security best practices and detects policy violations.
Free
Zero Day Initiative Published Advisories
A free and open-source tool for identifying vulnerabilities in Joomla-based websites.
Free
Censys View Censys
Censys provides comprehensive, near real-time global visibility into your attack surface, empowering security and IT teams to proactively identify and mitigate risks. Leveraging trusted security data and researcher expertise, Censys Enterprise delivers actionable insights to defend your infrastructure against nation-state attacks, emerging threats, and common vulnerabilities, akin to having an expert security research team dedicated to your assets.
Comprehensive attack surface visibility
Near real-time threat intelligence
Proactive risk identification and mitigation