BloodHound - Maps Active Directory relationships, shows who can escalate to domain admin., Nessus - Scans systems for vulnerabilities, CVEs, and misconfigurations., PowerSploit - Post-exploitation, privilege escalation, payloads., Grype - Finds vulnerabilities in Docker images or filesystem packages., Trivy - Scans containers, IaC files, repos, dependencies., Kube-hunter - Active Probe Kubernetes clusters for weaknesses., Nikto - Active Web server vulnerability/misconfig scanner., OpenVAS/Greenbone - Active Open-source vulnerability scanning., TruffleHog - Passive Find secrets and keys in repos/code., Burp Suite - Web testing proxy, Intercept requests, scan parameters, brute-force forms, fuzz, automate., Qualys - Enterprise vulnerability scanning from the cloud, OWASP Dependency-Check - Scans project dependencies for known CVEs.,

Vulnerability Discovery & Analysis

by
Print
Embed

Leaderboard

Visual style

Options

Switch template

Continue editing: ?