Subscribe to a hand-picked round-up of the best Software Testing links published every Week. Free.
Best Tools For Security Testing
Protect your user data and ensure your app is protocted against bad actors with these powerful tools & resources for security testing.
Protect your user data and ensure your app is protocted against bad actors with these powerful tools & resources for security testing.
Newsletter by Pritesh Usadadiya
MalwareBazaarFree
The purpose of the project is to collect and share malware samples.
TrufflehogFree
Sniffing out credentials.
X
XSSHunterFree
Use Docker and Dockery Compose to test and find blind cross-site scripting vulnerabilities.
GradeJSFree
Analyze webpack production bundle
CherrybombFree
A CLI tool that helps you avoid undefined user behaviour by validating your API specifications.
BITBFree
Browser templates for Browser In The Browser (BITB) attack.
L
Lockfile LintFree
Lint an npm or Yarn lockfile to analyze and detect security issues via predefined security policies.
R
RapiDASTFree
A framework for continuous, proactive and fully automated dynamic scanning against web apps/API.
N
NogotofailFree
An on-path blackbox network traffic security testing tool
WfuzzFree
Automate web applications security assessments
beefFree
It is a penetration testing tool that focuses on the web browser.
ArachniFree
Web Application Security Scanner Framework
W
WapitiFree
Web vulnerability scanner written in Python3
Security ListFree
Curated lists of tools, tips and resources for protecting digital security and privacy
Violating GDPR?Free
Enter a URL and this tool will tell you if the website is violating GDPR laws.
S
List of Static Code Analyzers
DenyHostsFree
DenyHosts is a script intended to be run by Linux system administrators to help thwart SSH server attacks (also known as dictionary based attacks and brute force attacks).
Fail2banFree
It scans log files (e.g. /var/log/apache/error_log) and bans IPs that show the malicious signs -- too many password failures, seeking for exploits, etc
online tool that you can use to check any website’s header status.
PrivacyTestsFree
Open-source tests of web browser privacy.
SemgrepFree
Static analysis at ludicrous speed.
TerrascanFree
Static code analyzer for Infrastructure as Code
gitleaksFree
Scan git repos (or files) for secrets using regex and entropy 🔑
Identify vulnerabilities in running containers, images, hosts and repositories
A collection of awesome penetration testing and offensive cybersecurity resources.
Mariana TrenchFree
Mariana Trench is a security focused static analysis platform targeting Android.
SonarLintFree
Clean Code starts in your IDE
N
Nuclei TemplatesFree
Community curated list of templates for the nuclei engine to find security vulnerabilities in applications.
P
A collection of useful links for Pentesters
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
Security Testing
security.txtFree
Security standard
sqlmapFree
Automatic SQL injection and database takeover tool
TailsFree
Operating System
Kali LinuxFree
Operatng System
ZapFree
Scanning tool for security vulnerabilities