#reports

BlueHound
BlueHound

Pinpoint the security issues that actually matter.

ThreatMapper
ThreatMapper

Open source cloud native security observability platform. Linux, K8s, AWS Fargate and more.

OpenCTI
OpenCTI

Open Cyber Threat Intelligence Platform.

django-DefectDojo
django-DefectDojo

DevSecOps, ASPM, Vulnerability Management.

wazuh
wazuh

The open source security platform.

writehat
writehat

A pentest reporting tool.

BBstats
BBstats

Displays stats and graphs about your Bug Bounty activity.

BountyDash
BountyDash

Combine your rewards from platforms giving you insights about your bug hunting progress.

HardeningKitty
HardeningKitty

Checks and hardens your Windows configuration.

TEx
TEx

Telegram Explorer created to help researchers, investigators and law enforcement agent.

Redacted Request
Redacted Request

Enhance the security and confidentiality of HTTP request handling within the Burp Suite.

PwnDoc
PwnDoc

Pentest report generator.

archerysec
archerysec

Automate your application security orchestration and correlation (ASOC).

SysReptor
SysReptor

Easy and customisable pentest report creator based on simple web technologies.

securityonion
securityonion

Free and open platform for threat hunting, enterprise security monitoring, and log management.

Dradis
Dradis

Collaboration and reporting for infosec teams made simple.

WebInspect
WebInspect

An automated dynamic testing solution that provides comprehensive vulnerability detection.

Invicti
Invicti

Web Application Security For Enterprise.

Splunk
Splunk

The unified security and observability platform.

NetWitness
NetWitness

Rapidly detect and respond to any threat, anywhere. See Everything. Fear Nothing.

Nagios
Nagios

The industry standard in IT infrastructure monitoring.

ADRecon
ADRecon

Gather information about the Active Directory and generates a report.

RedTeam_toolkit
RedTeam_toolkit

Open source Django offensive webapp which is keeping the best tools used in the redteaming.

APTRS
APTRS

Automated penetration testing reporting system.

Qualys Cloud Platform
Qualys Cloud Platform

The revolutionary architecture that powers Qualys' IT, security, and compliance cloud apps.

LanGuard
LanGuard

Patch management, vulnerability scanning, and network auditing.

Nexpose
Nexpose

Vulnerability scanner which aims to support the entire vulnerability management lifecycle.

Core Impact
Core Impact

Designed to enable security teams to conduct advanced penetration tests with ease.

Paros Proxy
Paros Proxy

HTTP(S) proxy for assessing web application vulnerability.

Nessus
Nessus

The global gold standard in vulnerability assessment built for the modern attack surface.

drek
drek

A static-code-analysis tool for performing security-focused code reviews.

Mosca
Mosca

Manual search tool to find bugs like a grep unix command.

ScoutSuite
ScoutSuite

Multi-cloud security auditing tool.

Legion
Legion

Aids in discovery, reconnaissance and exploitation of information systems.

IntelSpy
IntelSpy

Perform automated network reconnaissance scans to gather network intelligence.

Nessus database export
Nessus database export

Export Nessus results to a relational database for use in reports, analysis, or whatever else.

FridaAndroidTracer
FridaAndroidTracer

Android application tracer powered by Frida.

open-sesame
open-sesame

Contains HackerOne disclosed reports and other bug bounty writeups.

localdataHog
localdataHog

String-based secret-searching tool, high entropy and regexes.

Coercer
Coercer

Automatically coerce a Windows server to authenticate on an arbitrary machine.

H1 Report Finder
H1 Report Finder

A burpsuite extension to find security reports published on HackerOne based on the selected host.

DependencyCheck
DependencyCheck

Utility that detects publicly disclosed vulnerabilities in application dependencies.

StaCoAn
StaCoAn

Crossplatform tool which help to perform static code analysis on mobile applications.

h1-search
h1-search

Request the public disclosures on a specific HackerOne program.

Domain Analyzer
Domain Analyzer

Analyze the security of any domain by finding all the information possible. Made in python.

PentesterLand
PentesterLand

Sharing knowledge that makes your life as bug hunters and pentesters easier.

Acunetix
Acunetix

Quickly find and fix the vulnerabilities that put your web applications at risk of attack.

0d1n
0d1n

Tool for automating customized attacks against web applications.

Betterscan
Betterscan

Code Scanning/SAST/static analysis/linting using many tools/scanners with one report.

Dastardly Scan Action
Dastardly Scan Action

Runs a scan using Dastardly by Burp Suite against a target site and generates a report.

Replicator
Replicator

Burp Suite extension to help developers replicate findings from pentests.

bountyplz
bountyplz

Automated security reporting from markdown templates.

skipfish
skipfish

Active web application security reconnaissance tool.