firebaseExploiter FirebaseExploiter is a vulnerability discovery tool that discovers Firebase databases which are open and can be exploitable. Primarily built for mass hunting bug bounties and for penetration testing. Features Mass vulnerability scanning from...
VulnerableCode VulnerableCode is a free and open database of FOSS software package vulnerabilities and the tools to create and keep the data current. It is made by the FOSS community to improve and secure...
Am I Exploitable? ‘Am I Exploitable?’ is a python open source project that comes to meet the need of validating if your system is exploitable to specific vulnerabilities. The project can help you understand...
Semgrep Semgrep is a command-line tool for offline static analysis. Use pre-built or custom rules to enforce code and security standards in your codebase. You can try it now with our interactive live editor. Semgrep combines the...
nuclei Nuclei is a fast tool for configurable targeted scanning based on templates offering massive extensibility and ease of use. It is used to send requests across targets based on a template leading to...
What is ReDoS vulnerability? A regular expression is the most known text processing utility for programmers. There are many tools to use regular expression: grep, awk, and perl for example. Besides, a regular expression is used for...
DefectDojo is an open-source application vulnerability correlation and security orchestration application. It allows you to manage your application security program, maintain product and application information, schedule scans, triage vulnerabilities, and push findings into defect...
Remote Method Guesser Remote Method Guesser (rmg) is a command-line utility written in Java and can be used to identify security vulnerabilities on Java RMI endpoints. Currently, the following operations are supported: List available bound names and their corresponding...
Salus: Guardian of Code Safety and Security Salus (Security Automation as a Lightweight Universal Scanner), named after the Roman goddess of protection, is a tool for coordinating the execution of security scanners. You can run...
Sqlvet Sqlvet performs static analysis on raw SQL queries in your Go codebase to surface potential runtime errors at build time. Feature highlights: Check for SQL syntax error Identify unsafe queries that could potentially...
