Top 18 products relevant to Security, Web Application Security, and Attack Surface Management

Censys helps organizations, individuals, and researchers find and monitor every server on the Internet to reduce exposure and improve security.

freemium

Network mapping service.

Advanced threat tactics for penetration testers.

The Social-Engineer Toolkit is an open source penetration testing framework designed for social...

Exploit Pack is an open source project security that will help you adapt exploit codes on-the-fly.

Core Impact Pro is the most comprehensive software solution assessing and testing security...

Network recon framework, including a web interface to browse Nmap scan results.

Open Source

Armitage makes penetration testing easy by adding a GUI to the Metasploit framework.

Discover hidden assets and vulnerabilities in your environment with our all-in-one Attack Surface Management platform.

Open Source freemium $984.0 / Annually (Sn1per Professional v10.0)

A search engine which collects, processes, and provides structured information about network...

Search Engine and Data Provider showing the exposure of what is connected to the Internet.

Search engine for the Internet of Things.

SearchDiggity is the primary attack tool of the Google Hacking Diggity Project.

It's well known to extract plaintexts passwords, hash, PIN code and kerberos tickets from memory. mimikatz can also perform pass-the-hash, pass-the-ticket, build Golden tickets, play with certificates or private keys, vault... maybe make coffee?

Beginner Pentesting Toolkit/Framework Written in Python.

An all-in-one hacking tool to remotely exploit Android devices using ADB and Metasploit-Framework to get a Meterpreter session.

Grabber is a web application scanner. It detects vulnerabilities in your website.

PunkSPIDER is a global-reaching web application vulnerability search engine.