Scanbee — No frills less verbose Security Scanner for AI era Builders

It is a free, open-source penetration testing tool. It is designed specifically for testing web applications and is both flexible and extensible.

detect-secrets is an aptly named module for (surprise, surprise) detecting secrets within a code base. However, unlike other similar packages that solely focus on finding secrets, this package is designed with the enterprise client in mind: providing a backwards compatible, systematic means of: Preventing new secrets from entering the code base, Detecting if such preventions are explicitly bypassed, and Providing a checklist of secrets to roll, and migrate off to a more secure storage.

The first platform scanning all GitHub public activity in real time for API secret tokens, database credentials or vault keys. Be alerted in seconds. Integrate in minutes.

BitResurrector v3.0 is a high-performance suite for recovering lost Bitcoin private keys. It leverages extreme GPU acceleration, AVX-512 parallelism, and cryptographic optimizations like Montgomery REDC. Built for "Digital Archaeology," it specializes in auditing historical PRNG weaknesses and statistical anomalies in early blockchain assets.

An open source security tool for testing a data center's resiliency to perimeter breaches and internal server infection. The Monkey uses various methods to self propagate across a data center and reports success to a centralized Monkey Island server.

Precogs AI is an AI-native code security platform delivering industry-leading precision, fewer false positives, and faster vulnerability detection.

It is a compliance-focused pentesting-as-a-service platform. It allows companies to easily schedule and manage penetration tests, designed for both compliance and security enhancement.

It is a penetration testing tool empowered by ChatGPT. It is designed to automate the penetration testing process. It is built on top of ChatGPT and operates in an interactive mode to guide penetration testers in both overall progress and specific operations.

Secuditor Lite is a free diagnostic security tool with a friendly GUI for Windows endpoints and networks. It helps identify system vulnerabilities, improve device Operational Security (OPSEC), detect network elements, and generate structured audit reports, all in one place. Suitable for both personal and organizational environments.

Find security vulnerabilities in your Replit, Bolt, Lovable, Cursor, and v0 projects. 40+ parallel scanner engines, risk scoring A+ to F, SARIF/CSV/PDF reports, and CI/CD integration.

At its core, Vulseek combines automated asset discovery and scanning with intelligent risk prioritization, allowing security teams to focus on what truly matters. Its customizable dashboards, real-time alerts, and integrations with popular ticketing systems and SIEMs help ensure vulnerabilities are addressed swiftly and systematically.

Continuous security platform for smart contracts and ZK circuits. Static analysis, fuzzing, and formal verification in one integrated workflow.

It is an online platform for checking port status. It checks whether a port is open, closed or filtered based on port number and IP address. The tool can handle IPv4/IPv6 IP addresses of a network. The tool verifies ports on both the internal computing network and the external one as well. This tool offers a premium feature of version scan and country-wise server testing to its users. With its unlimited usage, one can take maximum advantage of the tool for network issues troubleshooting.

DeepStrike, a world-renowned leader in penetration testing and attack surface management, enables organizations to expand their security initiatives confidently

Autonomous AI security agents that run nonstop pentests to protect your websites, APIs and cloud infrastructure.

RedVeil offers on-demand penetration testing powered by agentic AI. Uncover vulnerabilities and get actionable at a fraction of traditional costs.

One AI-powered platform that detects, prioritizes, and remediate vulnerabilities and malware end-to-end without the traditional AppSec overhead.

You built the app. We'll find the holes. One audit, one payment — no security knowledge required. Free quick scan, $29 deep audit.

Use AI safely with UnblockDevs — a powerful toolkit to mask sensitive JSON and SQL data before sending it to AI, fix broken or stringified JSON, unpack messy logs, and decode JWT tokens instantly. Perfect for developers working with APIs, debugging logs, and handling sensitive data. Everything runs 100% in your browser with zero uploads, so your code and data stay private while you clean, parse, format, and analyze it.

A breakthrough approach to securing applications built with AI assistance. SecVibe complements your existing security stack with specialized controls.

It is an open-source Java application for network communication proxying for the purpose of penetration testing. It allows penetration testers to set up proxies and interceptors to manage the traffic transmitted between client and server.

Secrets, authentication tokens, passwords, and keys pose a security risk if they are left unprotected in production workloads. SecretScanner inspects file systems and running containers, identifying over 140 different types of secret data.