Security Headers : I built securityheaders.io after deploying security headers like CSP and HSTS to my own site. I wanted a quick and easy way to check if other sites we...
The Big List of Naughty Strings : The Big List of Naughty Strings is a list of strings which have a high probability of causing issues when used as user-input data.
Wapiti : Wapiti allows you to audit the security of your web applications.
It performs "black-box" scans, i.e. it does not study the source code of the applica...
Zed Attack Proxy : The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications.
It is designed to be...
OverTheWire: Wargames : The wargames offered by the OverTheWire community can help you to learn and practice security concepts in the form of fun-filled games.
