AD
Advertisement

Codehooks.io

Create powerful web apps with a super-simple backend database.

Learn more »

security-and-pki
47 listings

aikido.dev

aikido.dev

All-in-one appsec platform covering SCA, SAST, CSPM, DAST, Secrets, IaC, Malware, Container scanning, EOL,... Free plan includes two users, scanning of 10 repos, 1 cloud, 2 containers & 1 domain.
alienvault.com

alienvault.com

Uncovers compromised systems in your network
Altcha.org

Altcha.org

A Spam Filter for websites and APIs powered by natural language processing and machine learning. Free plan includes 200 requests a day per domain.
atomist.com

atomist.com

A quicker and more convenient way to automate various development tasks. Now in beta.
cloudsploit.com

cloudsploit.com

Amazon Web Services (AWS) security and compliance auditing and monitoring
Public Cloud Threat Intelligence

Public Cloud Threat Intelligence

High confidence Indicator of Compromise(IOC) targeting public cloud infrastructure, A portion is available on github (https://github.com/unknownhad/AWSAttacks). Full list is available via API
CodeNotary.io

CodeNotary.io

Open Source platform with indelible proof to notarize code, files, directories, or container
crypteron.com

crypteron.com

Cloud-first, developer-friendly security platform prevents data breaches in .NET and Java applications
CyberChef

CyberChef

A simple, intuitive web app for analyzing and decoding/encoding data without dealing with complex tools or programming languages. Like a Swiss army knife of cryptography & encryption. All features are free to use, with no limit. Open source if you wish to self-host.
DAS

DAS

Styra DAS Free, Full lifecycle policy management to create, deploy and manage Open Policy Agent(OPA) authorization
Datree

Datree

Open Source CLI tool to prevent Kubernetes misconfigurations by ensuring that manifests and Helm charts follow best practices as well as your organization's policies
Dependabot

Dependabot
DJ Checkup

DJ Checkup

Scan your Django site for security flaws with this free, automated checkup tool. Forked from the Pony Checkup site.
Doppler

Doppler

Universal Secrets Manager for application secrets and config, with support for syncing to various cloud providers. Free for five users with basic access controls.
Dotenv

Dotenv

Sync your .env files, quickly & securely. Stop sharing your .env files over insecure channels like Slack and email, and never lose an important .env file again. Free for up to 3 teammates.
GitGuardian

GitGuardian

Keep secrets out of your source code with automated secrets detection and remediation. Scan your git repos for 350+ types of secrets and sensitive files – Free for individuals and teams of 25 developers or less.
Have I been pwned?

Have I been pwned?

REST API for fetching the information on the breaches.
hostedscan.com

hostedscan.com

Online vulnerability scanner for web applications, servers, and networks. Ten free scans per month.
Infisical

Infisical

Open source platform that lets you manage developer secrets across your team and infrastructure: everywhere from local development to staging/production 3rd-party services. Free for up to 5 developers.
Internet.nl

Internet.nl

Test for modern Internet Standards like IPv6, DNSSEC, HTTPS, DMARC, STARTTLS and DANE
keychest.net

keychest.net

SSL expiry management and cert purchase with an integrated CT database
letsencrypt.org

letsencrypt.org

Free SSL Certificate Authority with certs trusted by all major browsers
meterian.io

meterian.io

Monitor Java, Javascript, .NET, Scala, Ruby, and NodeJS projects for security vulnerabilities in dependencies. Free for one private project, unlimited projects for open source.
Mozilla Observatory

Mozilla Observatory

Find and fix security vulnerabilities in your site.
opswat.com

opswat.com

Security Monitoring of computers, devices, applications, configurations, Free 25 users and 30 days history users.
openapi.security

openapi.security

Free tool to quickly check the security of any OpenAPI / Swagger-based API. You don't need to sign up.
pixee.ai

pixee.ai

Automated Product Security Engineer as a free GitHub bot that submits PRs to your Java code base to automatically resolve vulnerabilities. Other languages coming soon!
pyup.io

pyup.io

Monitor Python dependencies for security vulnerabilities and update them automatically. Free for one private project, unlimited projects for open source.
qualys.com

qualys.com

Find web app vulnerabilities, audit for OWASP Risks
report-uri.io

report-uri.io

CSP and HPKP violation reporting
ringcaptcha.com

ringcaptcha.com

Tools to use the phone number as id, available for free
seclookup.com

seclookup.com

Seclookup APIs can enrich domain threat indicators in SIEM, provide comprehensive information on domain names, and improve threat detection & response. Get 50K lookups free [here](https://account.seclookup.com/).
snyk.io

snyk.io

Can find and fix known security vulnerabilities in your open-source dependencies. Unlimited tests and remediation for open-source projects. Limited to 200 tests/month for your private projects.
ssllabs.com

ssllabs.com

Intense analysis of the configuration of any SSL web server
SOOS

SOOS

Free, unlimited SCA scans for open-source projects. Detect and fix security threats before release. Protect your projects with a simple and effective solution.
StackHawk

StackHawk
Sucuri SiteCheck

Sucuri SiteCheck

Free website security check and malware scanner
Protectumus

Protectumus

Free website security check, site antivirus, and server firewall (WAF) for PHP. Email notifications for registered users in the free tier.
TestTLS.com

TestTLS.com

Test an SSL/TLS service for secure server configuration, certificates, chains, etc. Not limited to HTTPS.
threatconnect.com

threatconnect.com

Threat intelligence: It is designed for individual researchers, analysts, and organizations starting to learn about cyber threat intelligence. Free up to 3 Users
tinfoilsecurity.com

tinfoilsecurity.com

Automated vulnerability scanning. The free plan allows weekly XSS scans
Ubiq Security

Ubiq Security

Encrypt and decrypt data with three lines of code and automatic key management. Free for one application and up to 1,000,000 encryptions per month.
Virgil Security

Virgil Security

Tools and services for implementing end-to-end encryption, database protection, IoT security, and more in your digital solution. Free for applications with up to 250 users.
Vulert

Vulert

Vulert continuously monitors your open-source dependencies for new vulnerabilities, recommends fixes, without requiring installation or access to your codebase. Free for open-source projects.
Escape GraphQL Quickscan

Escape GraphQL Quickscan

One-click security scan of your GraphQL endpoints. Free, no login required.
HasMySecretLeaked

HasMySecretLeaked

Search across 20 million exposed secrets in public GitHub repositories, gists, issues,and comments for Free
Project Gatekeeper

Project Gatekeeper

An All-in-One SSL Toolkit Offering various features like Private Key & CSR Generator, SSL Certificate Decoder, Certificate Matcher and Order SSL Certificate. We offer the users to generate Free SSL Certificates from Let's Encrypt, Google Trust and BuyPass using CNAME Records rather than TXT Records.