Security Training Share
Archery is an opensource vulnerability assessment and management tool which helps developers and pentesters to perform scans and manage vulnerabilities. Archery uses popular opensource tools to perform comprehensive scanning for web application and network....
Osmedeus Automatic Reconnaissance and Scanning in Penetration Testing What is Osmedeus? It allows you to do boring stuff in Pentesting automatically like reconnaissance and scanning the target by run the collection of awesome tools....
TROMMEL sifts through directories of files to identify indicators that may contain vulnerabilities. It identifies the following indicators related to: Secure Shell (SSH) key files Secure Socket Layer (SSL) key files Internet Protocol (IP)...
snyk Snyk helps you find, fix and monitor known vulnerabilities in Node.js npm, Ruby and Java dependencies, both on an ad hoc basis and as part of your CI (Build) system. Features Find known vulnerabilities...
SSLyze Fast and powerful SSL/TLS server scanning library for Python 2.7 and 3.4+. Description SSLyze is a Python library and a CLI tool that can analyze the SSL configuration of a server by connecting...
SQLiScanner Automatic SQL injection with Charles and sqlmapapi Installation Preferably, you can download SQLiScanner by cloning the Git repository: git clone https://github.com/0xbug/SQLiScanner.git –depth 1 You can download sqlmap by cloning the Git repository: git...
Whitewidow is an open source automated SQL vulnerability scanner, that is capable of running through a file list, or can scrape Google for potentially vulnerable websites. It allows automatic file formatting, random user agents,...
OWASP Juice Shop OWASP Juice Shop is an intentionally insecure web app for security training written entirely in Javascript which encompasses the entire OWASP Top Ten and other severe security flaws. For a detailed introduction, full...
ADAPT is a tool that performs Automated Penetration Testing for WebApps. It is designed to increase accuracy, speed, and confidence in penetration testing efforts. ADAPT automatically tests for multiple industry standard OWASP Top 10...
RapidScan – The Multi-Tool Web Vulnerability Scanner It is quite a fuss for a pentester to perform binge-tool-scanning (running security scanning tools one after the other) sans automation. Unless you are a pro at automating stuff, it...
Security Code Scan – static code analyzer for .NET Facts Detects various security vulnerability patterns: SQL Injection, Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), XML eXternal Entity Injection (XXE), etc. Taint analysis to track user...
The Hawkeye scanner-cli is a project security, vulnerability and general risk highlighting tool. It is meant to be integrated into your pre-commit hooks and your pipelines. Designed to be entirely extensible by just adding...
The OWASP Zed Attack Proxy (ZAP) is easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security...
Syntribos, An Automated API Security Testing Tool Syntribos is an open source automated API security testing tool that is maintained by members of the OpenStack Security Project. Given a simple configuration file and an example...
