souvenir
Tag cloud
Picture wall
Daily
RSS Feed
  • RSS Feed
  • Daily Feed
Filters

Links per page

  • 20 links
  • 50 links
  • 100 links

Filters

Untagged links
page 3 / 4
75 results tagged security  ✕   ✕
Snyk https://snyk.io/
25/04/2016 cluster icon
  • Yarn : Fast, reliable, and secure dependency management tool for javascript.
  • Harpoon : CLI tool for open source and threat intelligence. Harpoon is a tool to automate threat intelligence and open source intelligence tasks. It is written ...
  • asdf : Extendable version manager with support for Ruby, Node.js, Elixir, Erlang & more
  • Bandit : Bandit is a tool designed to find common security issues in Python code. To do this Bandit processes each file, builds an AST from it, and runs approp...
  • Poetry : Python packaging and dependency management made easy
thumbnail

Snyk helps you use open source and stay secure.
Continuously find & fix vulnerabilities in your dependencies.

security tool npm python ruby php javascript dependency
sqlmap http://sqlmap.org/
17/04/2016 cluster icon
  • Bandit : Bandit is a tool designed to find common security issues in Python code. To do this Bandit processes each file, builds an AST from it, and runs approp...
  • Lynis : Lynis is a battle-tested security tool for systems running Linux, macOS, or Unix-based operating system. It performs an extensive health scan of your ...
  • Skipfish : Skipfish is an active web application security reconnaissance tool. It prepares an interactive sitemap for the targeted site by carrying out a recursi...
  • TruffleHog : TruffleHog is an open-source SAST (static application security testing) tool for detecting secrets in various sources. While GitHub and GitLab reposit...
  • Kali Linux : Penetration Testing Linux OS containing tools to test the security of system or a network.

sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections.

sql security test tool
WhatWeb http://www.morningstarsecurity.com/research/whatweb
17/04/2016 cluster icon
  • Zed Attack Proxy : The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be...
  • BounCA : BounCA is a tool to manage your personal SSL certificates and authorities in a central and easy to use interfaces. It provides an easy accessible web ...
  • OpenVAS : OpenVAS is a full-featured vulnerability scanner. Its capabilities include unauthenticated testing, authenticated testing, various high level and low ...
  • OpenSCAP : The OpenSCAP ecosystem provides multiple tools to assist administrators and auditors with assessment, measurement, and enforcement of security baselin...
  • Skipfish : Skipfish is an active web application security reconnaissance tool. It prepares an interactive sitemap for the targeted site by carrying out a recursi...
thumbnail

WhatWeb identifies websites. Its goal is to answer the question, “What is that Website?”. WhatWeb recognises web technologies including content management systems (CMS), blogging platforms, statistic/analytics packages, JavaScript libraries, web servers, and embedded devices. WhatWeb has over 900 plugins, each to recognise something different. WhatWeb also identifies version numbers, email addresses, account IDs, web framework modules, SQL errors, and more.

web scan tool analysis security
Kali Linux https://www.kali.org/
17/04/2016 cluster icon
  • WebScarab : WebScarab is a framework for analysing applications that communicate using the HTTP and HTTPS protocols.
  • Gitleaks : Gitleaks is an open-source SAST (static application security testing) command line tool for detecting and preventing hardcoded secrets like passwords,...
  • TruffleHog : TruffleHog is an open-source SAST (static application security testing) tool for detecting secrets in various sources. While GitHub and GitLab reposit...
  • OpenVAS : OpenVAS is a full-featured vulnerability scanner. Its capabilities include unauthenticated testing, authenticated testing, various high level and low ...
  • Lynis : Lynis is a battle-tested security tool for systems running Linux, macOS, or Unix-based operating system. It performs an extensive health scan of your ...

Penetration Testing Linux OS containing tools to test the security of system or a network.

security test os tool
ZeroDB https://github.com/zerodb/zerodb
08/12/2015 cluster icon
  • re:dash : Query Editor: think of JS Fiddle for SQL queries. It's your way to share data in the organization in an open way, by sharing both the dataset and the ...
  • CryptPad : CryptPad is the Zero Knowledge realtime collaborative editor. Encryption carried out in your web browser protects the data from the server, the cloud ...
  • Dolt : Dolt is a relational database, i.e. it has tables, and you can execute SQL queries against those tables. It also has version control primitives that o...
  • pgLoader : pgloader loads data into PostgreSQL and allows you to implement Continuous Migration from your current database to PostgreSQL. pgLoader has two modes ...
  • Snyk : Snyk helps you use open source and stay secure. Continuously find & fix vulnerabilities in your dependencies.
thumbnail

ZeroDB enables clients to run queries over encrypted databases without exposing decrypted data to the server and without a proxy gateway.

database encryption data security python
HTTP Security Report https://httpsecurityreport.com/
05/11/2015 cluster icon
  • Security Headers : I built securityheaders.io after deploying security headers like CSP and HSTS to my own site. I wanted a quick and easy way to check if other sites we...
  • mitmproxy : mitmproxy is your swiss-army knife for debugging, testing, privacy measurements, and penetration testing. It can be used to intercept, inspect, modify...
  • WebScarab : WebScarab is a framework for analysing applications that communicate using the HTTP and HTTPS protocols.
  • Everything you need to know about HTTP security headers : This article explains what secure headers are and how to implement these headers in Rails, Django, Express.js, Go, Nginx, and Apache.
  • Webhook Tester : Webhook Tester allows you to easily test webhooks and other types of HTTP requests.

Get an instant report of how your website measures up to the best practices.

Check connection encryption, content security, information disclosure and cookies. Compare your results with today's top sites.

http security test online
Burp Suite https://portswigger.net/burp/
11/09/2015 cluster icon
  • Skipfish : Skipfish is an active web application security reconnaissance tool. It prepares an interactive sitemap for the targeted site by carrying out a recursi...
  • Subgraph Vega : Vega is an open source platform to test the security of web applications. Vega can help you find and validate SQL Injections, Cross-Site Scripting (XS...
  • Nikto2 : Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6500 potent...
  • WebScarab : WebScarab is a framework for analysing applications that communicate using the HTTP and HTTPS protocols.
  • Wapiti : Wapiti allows you to audit the security of your web applications. It performs "black-box" scans, i.e. it does not study the source code of the applica...
thumbnail

Burp Suite is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the entire testing process, from initial mapping and analysis of an application's attack surface, through to finding and exploiting security vulnerabilities.

web security test application
The Big List of Naughty Strings https://github.com/minimaxir/big-list-of-naughty-strings
13/08/2015 cluster icon
  • XSS Filter Evasion Cheat Sheet - OWASP : This article is focused on providing application security testing professionals with a guide to assist in Cross Site Scripting testing.
  • Security Headers : I built securityheaders.io after deploying security headers like CSP and HSTS to my own site. I wanted a quick and easy way to check if other sites we...
  • TruffleHog : TruffleHog is an open-source SAST (static application security testing) tool for detecting secrets in various sources. While GitHub and GitLab reposit...
  • Burp Suite : Burp Suite is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the en...
  • sqlmap : sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of databa...
thumbnail

The Big List of Naughty Strings is a list of strings which have a high probability of causing issues when used as user-input data.

test security reference
SensioLabs Security Advisories Checker https://security.sensiolabs.org/
27/10/2014 cluster icon
  • Snyk : Snyk helps you use open source and stay secure. Continuously find & fix vulnerabilities in your dependencies.
  • RegPack : RegPack is a packer intended for use on minified Javascript code. It is mostly suited to small size constraints (1kb, up to 4kb).
  • ApiGen : ApiGen is the tool for creating professional API documentation from PHP source code, similar to discontinued phpDocumentor/phpDoc.
  • PHP_CodeSniffer : PHP_CodeSniffer tokenises PHP, JavaScript and CSS files and detects violations of a defined set of coding standards.
  • Gitleaks : Gitleaks is an open-source SAST (static application security testing) command line tool for detecting and preventing hardcoded secrets like passwords,...

The SensioLabs security advisories checker is a simple tool, available as a web service or as an online application, that uses the information from your composer.lock file to check for known security vulnerabilities.

php security composer online tool
Zed Attack Proxy https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project
04/08/2014 cluster icon
  • WhatWeb : WhatWeb identifies websites. Its goal is to answer the question, “What is that Website?”. WhatWeb recognises web technologies including content manage...
  • WebScarab : WebScarab is a framework for analysing applications that communicate using the HTTP and HTTPS protocols.
  • SpiderFoot : With almost 200 modules and growing, SpiderFoot provides an easy-to-use interface that enables you to automatically collect Open Source Intelligence (...
  • OpenSCAP : The OpenSCAP ecosystem provides multiple tools to assist administrators and auditors with assessment, measurement, and enforcement of security baselin...
  • BounCA : BounCA is a tool to manage your personal SSL certificates and authorities in a central and easy to use interfaces. It provides an easy accessible web ...
thumbnail

The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications.

It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing.

ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually.

web security proxy scan tool
DVWA - Damn Vulnerable Web Application http://www.dvwa.co.uk/
26/11/2013 cluster icon
  • SQL Injection Cheat Sheet : Samples are provided to allow reader to get basic idea of a potential SQL Injection attack and almost every section includes a brief information about...
  • Nikto2 : Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6500 potent...
  • Wapiti : Wapiti allows you to audit the security of your web applications. It performs "black-box" scans, i.e. it does not study the source code of the applica...
  • WWW SQL Designer : WWW SQL Designer allows users to create database designs, which can be saved/loaded and exported to SQL scripts. Various databases and languages are s...
  • vicnum : A flexible web app showing vulnerabilities such as cross site scripting, sql injections, and session management issues. Helpful to IT auditors honing ...

Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, help web developers better understand the processes of securing web applications and aid teachers/students to teach/learn web application security in a class room environment.

web security software php mysql
vicnum http://sourceforge.net/projects/vicnum/
26/11/2013 cluster icon
  • DVWA - Damn Vulnerable Web Application : Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its main goals are to be an aid for security professionals to t...
  • Nikto2 : Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6500 potent...
  • Wapiti : Wapiti allows you to audit the security of your web applications. It performs "black-box" scans, i.e. it does not study the source code of the applica...
  • WhatWeb : WhatWeb identifies websites. Its goal is to answer the question, “What is that Website?”. WhatWeb recognises web technologies including content manage...
  • Zed Attack Proxy : The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be...

A flexible web app showing vulnerabilities such as cross site scripting, sql injections, and session management issues. Helpful to IT auditors honing web security skills and setting up 'capture the flag'.

web security software
PySQLi https://github.com/sysdream/pysqli
28/11/2012 cluster icon
  • Alembic : Alembic is a new database migrations tool, written by the author of SQLAlchemy.
  • Flask : Flask is a microframework for Python based on Werkzeug, Jinja 2 and good intentions. And before you ask: It's BSD licensed!
  • XgeneCloud : XgeneCloud is an API Framework platform that instantly generates REST / GraphQL APIs on any SQL database. Supports MySQL, PostgreSQL, MSSQL, SQLite &...
  • FastAPI : FastAPI is a modern, fast (high-performance), web framework for building APIs with Python 3.6+ based on standard Python type hints.
  • Snyk : Snyk helps you use open source and stay secure. Continuously find & fix vulnerabilities in your dependencies.
thumbnail

Python SQL injection framework

python framework security sql
WebScarab https://www.owasp.org/index.php/Category:OWASP_WebScarab_Project
23/11/2012 cluster icon
  • Skipfish : Skipfish is an active web application security reconnaissance tool. It prepares an interactive sitemap for the targeted site by carrying out a recursi...
  • Lynis : Lynis is a battle-tested security tool for systems running Linux, macOS, or Unix-based operating system. It performs an extensive health scan of your ...
  • Wapiti : Wapiti allows you to audit the security of your web applications. It performs "black-box" scans, i.e. it does not study the source code of the applica...
  • Subgraph Vega : Vega is an open source platform to test the security of web applications. Vega can help you find and validate SQL Injections, Cross-Site Scripting (XS...
  • sqlmap : sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of databa...

WebScarab is a framework for analysing applications that communicate using the HTTP and HTTPS protocols.

web security tool test
Subgraph Vega http://subgraph.com/products.html
22/11/2012 cluster icon
  • Nikto2 : Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6500 potent...
  • Wapiti : Wapiti allows you to audit the security of your web applications. It performs "black-box" scans, i.e. it does not study the source code of the applica...
  • Burp Suite : Burp Suite is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the en...
  • WebScarab : WebScarab is a framework for analysing applications that communicate using the HTTP and HTTPS protocols.
  • webhint : webhint is a linting tool that will help you with your site's accessibility, speed, security and more, by checking your code for best practices and co...

Vega is an open source platform to test the security of web applications. Vega can help you find and validate SQL Injections, Cross-Site Scripting (XSS), inadvertently disclosed sensitive information, and other vulnerabilities. It is written in Java, GUI based, and runs on Linux, OS X, and Windows.

web security test
XSS Filter Evasion Cheat Sheet - OWASP https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet
22/11/2012 cluster icon
  • The Big List of Naughty Strings : The Big List of Naughty Strings is a list of strings which have a high probability of causing issues when used as user-input data.
  • Kali Linux : Penetration Testing Linux OS containing tools to test the security of system or a network.
  • Nikto2 : Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6500 potent...
  • Skipfish : Skipfish is an active web application security reconnaissance tool. It prepares an interactive sitemap for the targeted site by carrying out a recursi...
  • domsnitch : A passive reconnaissance tool inside the DOM (experimental)

This article is focused on providing application security testing professionals with a guide to assist in Cross Site Scripting testing.

xss security reference test
SecTools.Org http://sectools.org
27/10/2012 cluster icon
  • Gitleaks : Gitleaks is an open-source SAST (static application security testing) command line tool for detecting and preventing hardcoded secrets like passwords,...
  • BounCA : BounCA is a tool to manage your personal SSL certificates and authorities in a central and easy to use interfaces. It provides an easy accessible web ...
  • OpenSCAP : The OpenSCAP ecosystem provides multiple tools to assist administrators and auditors with assessment, measurement, and enforcement of security baselin...
  • SpiderFoot : With almost 200 modules and growing, SpiderFoot provides an easy-to-use interface that enables you to automatically collect Open Source Intelligence (...
  • Harpoon : CLI tool for open source and threat intelligence. Harpoon is a tool to automate threat intelligence and open source intelligence tasks. It is written ...

Top Network Security Tools

security tool network
BeEF http://www.beefproject.com
23/10/2012 cluster icon
  • Nikto2 : Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6500 potent...
  • Wapiti : Wapiti allows you to audit the security of your web applications. It performs "black-box" scans, i.e. it does not study the source code of the applica...
  • OpenVAS : OpenVAS is a full-featured vulnerability scanner. Its capabilities include unauthenticated testing, authenticated testing, various high level and low ...
  • SSL Server Test : This free online service performs a deep analysis of the configuration of any SSL web server on the public Internet.
  • Burp Suite : Burp Suite is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the en...

The Browser Exploitation Framework (BeEF) is a powerful professional security tool. BeEF is pioneering techniques that provide the experienced penetration tester with practical client side attack vectors. Unlike other security frameworks, BeEF focuses on leveraging browser vulnerabilities to assess the security posture of a target.

security browser software test
OWASP https://www.owasp.org
27/06/2012 cluster icon
  • SQL Injection Cheat Sheet : Samples are provided to allow reader to get basic idea of a potential SQL Injection attack and almost every section includes a brief information about...
  • Security Guide for Developers : A practical security guide for web developers.
  • Pattern Tap : Organized Web Design Collection of User Interfaces for Inspiration and Ideas. The CSS Gallery Alternative
  • Introduction to WAI ARIA : This article is for those who are new to ARIA. You need an understanding of HTML and the potential difficulties that people with disabilities can face...
  • My First 10 Minutes On a Server : Primer for Securing Ubuntu
thumbnail

The Open Web Application Security Project (OWASP) is a worldwide not-for-profit charitable organization focused on improving the security of software.

web security reference
mitmproxy https://mitmproxy.org/
13/02/2012 cluster icon
  • Security Headers : I built securityheaders.io after deploying security headers like CSP and HSTS to my own site. I wanted a quick and easy way to check if other sites we...
  • HTTP Security Report : Get an instant report of how your website measures up to the best practices. Check connection encryption, content security, information disclosure and...
  • webhint : webhint is a linting tool that will help you with your site's accessibility, speed, security and more, by checking your code for best practices and co...
  • toxy : toxy is a fully programmatic and hackable HTTP proxy to simulate server failure scenarios and unexpected network conditions, built for node.js/io.js.
  • SSL Server Test : This free online service performs a deep analysis of the configuration of any SSL web server on the public Internet.

mitmproxy is your swiss-army knife for debugging, testing, privacy measurements, and penetration testing. It can be used to intercept, inspect, modify and replay web traffic such as HTTP/1, HTTP/2, WebSockets, or any other SSL/TLS-protected protocols. You can prettify and decode a variety of message types ranging from HTML to Protobuf, intercept specific messages on-the-fly, modify them before they reach their destination, and replay them to a client or server later on.

ssl security proxy http test
page 3 / 4
1656 links
Shaarli - The personal, minimalist, super-fast, database free, bookmarking service by the Shaarli community - Theme by kalvn