A free in-depth website analyzer providing audits of security, performance, SEO, accessibility and other technical aspects. Available as a desktop application for Windows/macOS/Linux and as a CLI tool for advanced users and CI/CD processes. It also includes an offline web page exporter.

Metasploit Community Edition simplifies network discovery and vulnerability verification for specific exploits, increasing the effectiveness of vulnerability scanners such as Nexpose - for free. This helps prioritize remediation and eliminate false positives, providing true...

Burp Suite is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the entire testing process, from initial mapping and analysis of an application's attack surface, through to finding and exploiting...

Criminal IP protects IT assets and businesses by analyzing all years of cyber threats and prediciting exploits. Criminal IP provides real-time intelligence to enhance cybersecurity competencies in all aspects.

The Open Vulnerability Assessment System (OpenVAS) is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution.

Identify system vulnerabilities with automated assessments and prioritize remediation through a scoring system, offering guidance for all experience levels.

Censys is a search engine that allows computer scientists to ask questions about the devices and networks that compose the internet.

Aikido Security is a developer-first software security platform. We scan your source code & cloud to show you which vulnerabilities are actually important to solve. Triaging is sped up by massively reducing false-positives and making CVEs human-readable.

Heimdal is a handy and reliable utility designed to update critical applications installed on your computer.

Sn1per Professional is an all-in-one offensive security platform that provides a comprehensive view of your internal and external attack surface and offers an asset risk scoring system to prioritize, reduce, and manage risk.

Continuously find & fix vulnerabilities in your dependencies.

SCAP is a line of standards managed by NIST. It was created to provide a standardized approach to maintaining the security of enterprise systems, such as automatically verifying the presence of patches, checking system security configuration settings, and examining systems for...

📈 Measure and control your application security state; 🔎 Scan your code, containers, web and mobile applications; 🔥 Remove duplicates, validate results, and create Jira tasks in seconds; 🕜 Save your engineers time and automate your processes; ? Self-hosted.

Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6400 potentially dangerous files/CGIs, checks for outdated versions of over 1000 servers, and version specific problems on over 270 servers.

Dependency-Check is a utility that identifies project dependencies and checks if there are any known, publicly disclosed, vulnerabilities. Currently Java and .NET dependencies are supported.