Top-rated tools trusted by the cybersecurity community
Respotter is a Responder honeypot! Catch attackers and red teams as soon as they spin up Responder in your environment.
RedFlag uses AI to identify high-risk code changes. Run it in batch mode for release candidate testing or in CI pipelines to flag PRs and add reviewers.
Analyze and find vulnerabilities in JavaScript code by capturing requests and saving optimized versions locally for easy analysis in your preferred code editor.
Vulnetic Penetration Testing is an automated penetration testing platform that uses AI agents to conduct security assessments of web applications, APIs, and Active Directory environments. The platform performs vulnerability discovery and exploitation, testing for issues including authentication bypasses, injection flaws, cross-site scripting, server-side request forgery, and privilege escalation paths. The system conducts Active Directory assessments on networks with 500+ IP addresses, performing domain enumeration and identifying privilege escalation paths to domain admin. For web applications and APIs, the agents test for and exploit vulnerabilities rather than only flagging potential issues. The platform includes a reporting engine that generates evidence-backed penetration testing reports after assessments complete. Users can build custom penetration testing methodologies by defining tasks, setting parameters, and configuring how AI agents conduct tests. Vulnetic has identified and exploited vulnerabilities in production environments including stored XSS, SSRF exposing credentials, Active Directory misconfigurations like AS-REP roasting and Kerberoasting, broken access control, local file inclusion, and NTLM hash disclosure attacks. The platform operates on a credit-based pricing model with free credits available at signup, but also offers pro and enterprise licenses for heavy users.
Find tools organized by testing methodology and use case
Videos, podcasts, and articles about penetration testing