Provide Information Site

All

This is a collection of sites about security.
The order is alphabetical.

security_company

No	Name	URL	Description	Tag
101	Kobe Digital Labo	https://www.kdl.co.jp/	Kobe Digital Labo (KDL) is a technology company that provides a range of digital solutions, including system development, business growth support, and information security. They assist in digital transformation (DX), AI applications, and strategic planning to help businesses improve operational efficiency and security.sss	Japanese Web Audit Consulting Incident Response Security enhancement support System Development Targeted Email Attack Training Smartphone App Development
102	AironWorks Co., Ltd.	https://aironworks.com/	ソーシャルエンジニアリング版のペネトレーションテストやイスラエルのUnit 8200（サイバーセキュリティなどを担当刷る部隊）のメンバーがいる会社です。	Japanese Company Hacking Pentest Pentest Targeted Email Attack Training Mail Security Social engineering
103	FFRI, Inc.	https://www.ffri.jp/	We provide a number of security services, including Yarai. We have engineers who develop our own security products and services.sss	Japanese Company Smartphone Audit IoT Audit Consulting Education Endpoint Detection and Response(EDR) Forensic Pentest System Development Information Provision
104	Flatt Security Inc.	https://flatt.tech/	GMO Flatt Security is a cybersecurity company specializing in providing advanced security solutions to protect businesses from digital threats. They offer a range of services, including security assessments, threat detection, and system monitoring, focusing on maintaining the integrity and safety of corporate IT environments.sss	Japanese Web Audit Network Audit Company Game Audit Smartphone Audit Anti-virus software verification service
105	M&K	http://www.m-kcompany.co.jp/	M&K Co., Ltd. provides comprehensive security solutions, specializing in security consulting, security audits, and system integration. They offer a variety of services, including IT environment assessments, penetration testing, compliance checks, and cloud integration. The company aims to help organizations strengthen their cybersecurity posture through expert advice, advanced tools, and training.sss	Japanese Web Audit Network Audit Company Source Code Audit Create Development Guidelines Automatic Audit tools System Development Targeted Email Attack Training
106	SHIFT SECURITY Inc.	https://www.shiftsecurity.jp/	The company provides vulnerability assessment, monitoring, and consulting services. The diagnosis seems to be systematized so that it does not depend on the person in charge. Their group company also conducts application testing, so they can provide consistent support for quality improvement and vulnerability countermeasures. They have offices all over Japan, so it is easy to consult with them even if your company is not located in Tokyo.sss	Japanese Web Audit Network Audit Company Source Code Audit Smartphone Audit Consulting Pentest Cloud Salesforce security Audit Support for internalization of audit Endpoint Audit Monitoring
107	Asterisk Research, Inc.	https://www.asteriskresearch.com/	Asterisk Research is a cybersecurity consultancy focused on helping businesses integrate security practices into their systems development. They provide solutions for early identification of risks, vulnerability management, and security strategy advisory to ensure businesses are protected against emerging cyber threats while maintaining operational efficiency.sss	Japanese Company Consulting Consulting Education Education Support for PCIDSS
108	Alpha Net Co., Ltd.	https://www.anet.co.jp/	Alphanet is a support service integrator that provides total support for IT infrastructure. Alphanet offers a wide range of services to meet customers' various needs, including IT infrastructure construction (server/storage virtualization, VDI environment construction, etc.), cyber security measures such as security diagnosis (web diagnosis, network diagnosis), and communication network construction (LAN construction, seismic/seismic isolation construction, physical security installation). We also offer a wide range of services such as data center maintenance, operation, and maintenance. We also provide human resource outsourcing services that utilize our support know-how, such as data center maintenance, operation and monitoring, technical support, and call center business support. Excerpt from [https://www.anet.co.jp/company/about/profile.html]sss	Japanese Web Audit Network Audit Company Consulting WAF Education Pentest E-Learning Targeted Email Attack Training Information Provision Building CSIRTs Cloud Physical Security
109	Ierae Security, Inc.	https://ierae.co.jp/	We are a security company that provides security diagnosis for web applications, iOS and Android applications. The company is staffed with engineers who have achieved good results in CTF and other competitions.sss	Japanese Web Audit Network Audit Company Game Audit Smartphone Audit IoT Audit Consulting CTF Forensic Pentest Cloud Security Automotive Audit Virtual Currency Audit Anti-tampering Audit
110	N.F.Laboratories Inc.	https://nflabs.jp/	N.F.Laboratories (エヌ・エフ・ラボラトリーズ) is a Japanese company specializing in cybersecurity services. They focus on advanced threat analysis, penetration testing, and hands-on training to combat cyberattacks. Their mission is to provide cutting-edge technologies and develop proactive security services to protect businesses from cyber threats. They also engage in research and development to stay ahead of attackers and offer effective security solutions.sss	Japanese Consulting Education Pentest SOC
111	KeyConnect, LTD	https://www.keyconnect.co.jp/	KeyConnect is a Japanese company specializing in cybersecurity consulting, services, and training. They focus on helping businesses secure their IT infrastructure and improve their cybersecurity posture through advisories, security diagnostics, training, and intelligence tools. Their services include vulnerability assessments, penetration testing, security awareness programs, and more, aimed at preventing cyber threats and enhancing corporate security measures. The company also offers expert advice on how to optimize security investments and decision-making.sss	Japanese Web Audit Network Audit Tools Consulting Education
112	Cyber Security Cloud , Inc.	https://www.cscloud.co.jp/	We are a company that develops Cloud WAFs such as "Kougeki Shadan Kun" and AWS WAF "WAF Charm" in-house. The company actively utilizes cloud and AI technologies to provide SaaS, flat-rate services.sss	Japanese Tools WAF Cloud
113	Cyber Defense Institute, Inc.	https://www.cyberdefense.jp	We are a comprehensive Security company that provides many services related to Security. We have several professional engineers and our forensic skills are at a high level with a lot of experience.sss	Japanese Web Audit Network Audit Major Company Game Audit Smartphone Audit IoT Audit Consulting Incident Response FW Audit Pentest
114	Sterra Security.Inc	https://www.sterrasec.com/	Flatt Securityで脆弱性診断、パブリッククラウド診断事業の立ち上げをおこなったエンジニアが立ち上げたセキュリティ企業です。「攻撃者の目線でロジックを中心に検査を実施しアプリケーションに潜むセキュリティリスクを見つけ出します」ホームページより抜粋	Japanese Web Audit Smartphone Audit Education Android Application Cloud Security iOS AWS
115	3-shake Inc.	https://3-shake.com/	Cloudの構築、自動化、運用保守、脆弱性診断サービスを提供しています。 Google Cloud Build パートナー/Google Cloud Sell パートナー認定も受けており、Google CloudはもちろんAWSなどCloudインフラ支援を多く行っているようです。ウェブアプリケーション自動診断サービス（Securify）やバグバウンティ運用代行サービス（SecurtyBugty）も展開しています。	Japanese Web Audit Company Requirements Consulting Automatic Audit tools Cloud Security Cloud AWS GCP
116	SecureInnovation Inc.	https://www.secure-iv.co.jp/	We are a security company located in Okinawa. We provide many security-related services, and also do website design, system infrastructure construction, and system development and operation.sss	Japanese Web Audit Network Audit Company IoT Audit Consulting WAF Incident Response Blog Log Management SOC
117	SecureBrain Corporation	https://www.securebrain.co.jp/	We provide many services for our proprietary software. The Advanced Technology Laboratory also conducts malware analysis, malicious site analysis, and other security-related research.sss	Japanese Web Audit Network Audit Tools Company Source Code Audit Education Endpoint Detection and Response(EDR) Manipulation Detection SOC Information Provision MITB measures Fraud Prediction Detection SDK Development Kit Countermeasures against malicious sites
118	SecuAvail Inc.	https://www.secuavail.com/	Headquartered in Osaka, Japan, the company provides security monitoring and vulnerability assessment services. We provide integrated operation management services using our self-developed software "NetStare® Manager".sss	Japanese Web Audit Network Audit Company Consulting Log Management Monitoring
119	SofTek Systems, Inc.	https://www.softek.co.jp/	We have been providing a vulnerability information service called SIDfm for 20 years. SIDfm is a very useful service in identifying vulnerabilities as soon as possible. It also provides web diagnostics and diagnostics to check server configurations.sss	Japanese Web Audit Network Audit Tools Company Vulnerability Management Information Provision Server Configuration Audit
120	Toinx Co., Ltd.	https://service.toinx.co.jp/	東北仙台でセキュリティサービスを展開している企業です。制御系システム診断サービスを提供している為、東北に工場等がある企業にはおすすめです。	Japanese Web Audit Network Audit Manipulation Detection Mail Pentest Targeted Email Attack Training Embedded Device Assessment
121	Tricorder. Co. Ltd.	https://www.tricorder.jp/	The company is headed by Mr. Noboru Ueno, who is the author of several books on security, including "A Start Guide to Vulnerability Assessment for Web Security Professionals," and is also the editor-in-chief of ScanNetecurity and the representative of Owasp Japan.sss	Japanese Web Audit Network Audit Network Audit Company Celebrated Person Education Pentest
122	TRADE WORKS Co., Ltd	http://www.tworks.co.jp/	We have been providing vulnerability assessment services since around 2010. We are the developer and operator of the cloud-based automatic diagnostic tool [SecuAlive].TradeWorks is a Japanese technology company providing advanced IT solutions in the financial services and digital commerce sectors. They specialize in developing high-reliability and secure systems for securities services, along with offering cutting-edge solutions in areas like blockchain, metaverse, and live marketing. Their focus includes web application security and providing rapid, efficient systems to meet customer needs.sss	Japanese Web Audit Network Audit Company Source Code Audit Automatic Audit tools Vulnerability Management Information Provision
123	Bitforest. Co., Ltd.	https://www.bitforest.jp/	The company provides unique security services such as Web Application Scanner: VADDY and Cloud WAF: Scutum, as well as web application diagnostics and website development.sss	Japanese Web Audit Tools Company Consulting Education Automatic Audit tools Information Provision Cloud
124	BroadBand Security, Inc.	https://www.bbsec.co.jp/	We are a comprehensive security company that provides many services related to security.sss	Japanese Web Audit Network Audit Company Source Code Audit Consulting Education Manipulation Detection Endpoint Detection and Response(EDR) Mail Incident Response Mail Security Support for PCIDSS Malware and ransomware support
125	Belue Creative	https://belue-c.jp/	Belue Creative (ベルウクリエイティブ) is a cybersecurity company based in Japan that offers a range of services, including security diagnostics, consulting, incident response, and tailored security solutions. They focus on protecting clients from cyber threats with expert penetration testing, proactive risk management, and incident resolution. The company also offers unique tools and 24/7 support to ensure the safety of client systems and data.sss	Japanese Web Audit Network Audit Company Smartphone Audit IoT Audit Consulting Education Forensic Create Development Guidelines Security enhancement support Requirements Consulting Automatic Audit tools Log Management Cloud Security Database Audit Support for PCIDSS Building CSIRTs Privacy Mark Malware and ransomware support RedTeam IPv6 Audit Host Security Audit Support for building a remote work environment Ransomware resistance check Support for acquisition of ISMS certification
126	UBsecure, Inc.	https://www.ubsecure.jp/	We are a company that develops our own security scanners that are widely used like Vex (Vulnerability Explorer). Vex has been adopted by many security companies and is a reliable tool with a long track record.sss	Japanese News Web Audit Network Audit Source Code Audit Smartphone Audit Qualifications Education Support for PCIDSS
127	LAC Co., Ltd	https://www.lac.co.jp/	LAC (ラック) is a leading cybersecurity firm in Japan, providing comprehensive services including security diagnostics, consulting, incident response, and training. They focus on protecting businesses from various cyber threats through proactive measures, advanced security solutions, and operational support. Their services range from penetration testing to managed security services (MSS), and they also offer training programs to help organizations enhance their cybersecurity awareness.sss	Japanese Web Audit Network Audit Major Company Source Code Audit Smartphone Audit IoT Audit Consulting Qualifications WAF Education Incident Response Forensic Pentest E-Learning Security enhancement support Requirements Consulting Automatic Audit tools System Development Targeted Email Attack Training Manipulation Detection Log Management SOC Hardware Audit Information Provision Support for PCIDSS Building CSIRTs Wireless LAN Audit APT Attack Resistance Audit IP address research Malware and ransomware support
128	RICERCA SECURITY All Rights Reserved.	https://ricsec.co.jp/	The company seems to specialize in aggressive security. It provides services by members with proven track records in CTF and open source vulnerability detection. They also offer a service called Silver Bullets (SB) that provides PoC and technical information on vulnerabilities.sss	Japanese Consulting Education Forensic Pentest Exploit Malware Audit
129	LEON TECHNOLOGY Inc.	https://www.leon-tec.co.jp/	We provide one-stop, integrated solutions essential for cyber security, from diagnosis and countermeasures to monitoring, operation and maintenance.sss	Japanese Web Audit Network Audit Company WordPress Source Code Audit Consulting Education Forensic Security Advisor Targeted Email Attack Training SIEM Building CSIRTs Building Active Directory
130	Sompo Risk Management Inc.	https://www.sompocybersecurity.com/index.html	A company in the SOMPO Group engaged in business related to cyber security.The corporate website ishttps://www.sompo-rc.co.jp/But for information on security, please visit https://www.sompocybersecurity.com/The corporate website is , but information on security is available at .We have partnerships with major domestic and international companies to provide a wide range of services.sss	Japanese Web Audit Network Audit Major Consulting WAF Pentest Requirements Consulting Automatic Audit tools SOC Malware Audit IDS/IPS Management Privacy Mark Antivirus software Monitoring GDPR compliance Cyber Security for Medical Institutions Cyber Security Exercise Antiphishing ISO27001 Threat Intelligence

tool

No	Name	URL	Description	Tag
131	barq	https://github.com/Voulnet/barq	Barq is an AWS Cloud Post-Exploitation framework designed for attacking and extracting data from EC2 instances in an AWS environment. It allows security professionals to perform attacks on running EC2 instances without needing the original SSH key pairs or passwords. Features include enumerating EC2 instances, extracting stored secrets, launching payloads, and interacting with various AWS services. It can be run with Python 2 or 3 and integrates with Metasploit and Empire for further exploitation.sss	English Tools AWS
132	DefenseCode ThunderScan	https://github.com/marketplace/actions/defensecode-thunderscan-action	The DefenseCode ThunderScan Action is a GitHub Action that integrates the ThunderScan SAST (Static Application Security Testing) solution for source code scanning to identify vulnerabilities. This tool helps developers assess the security of their code by analyzing it for potential flaws and generating a SARIF (Static Analysis Results Interchange Format) output. It can be seamlessly integrated into a CI/CD pipeline and DevOps environments. The action allows security teams to automate vulnerability detection during development, making it easier to secure applications early in the development process.sss	English Tools Source Code Audit Automatic Audit tools
133	DefenseCode Web Security Scanner	https://github.com/marketplace/actions/defensecode-thunderscan-action	The DefenseCode ThunderScan Action is a GitHub Action that allows users to integrate ThunderScan, a static application security testing (SAST) solution, directly into their CI/CD pipelines. This tool analyzes the source code for vulnerabilities and provides results in the SARIF (Static Analysis Results Interchange Format). By using ThunderScan, developers can detect security issues early in the development cycle, allowing teams to resolve vulnerabilities before deployment. This automation helps improve code security and supports continuous integration practicessss	Japanese Web Audit Tools Automatic Audit tools
134	Fortify Static Code Analyzer	https://www.microfocus.com/ja-jp/products/static-code-analysis-sast/overview	It is a source code diagnostic tool that has been in use for more than 10 years. It supports basic languages, and can be integrated with general development environments to perform source code checking from the time of development.sss	Japanese Tools Source Code Audit Automatic Audit tools
135	GreyNoise	https://www.greynoise.io/	GreyNoise is a threat intelligence platform that helps security teams filter out noise from benign traffic and focus on real-time, verified threats. It monitors large-scale internet activity to identify potential attacks and shares intelligence on malicious actors. By using a network of proprietary sensors, GreyNoise enables security teams to prioritize and mitigate real threats efficiently. The platform offers detailed information on exploit activities, IP addresses involved in attacks, and provides insights into global cyber threat trends.sss	Japanese Tools Foreign Country Information Provision OSINT
136	HCL App Scan	https://www.hcljapan.co.jp/software/products/appscan/	HCL AppScan is a comprehensive security testing solution designed to identify vulnerabilities in web and mobile applications. It provides both dynamic analysis (testing running applications) and static analysis (examining source code) to detect security issues. Available as both on-premises and cloud-based solutions, it helps organizations ensure the security of applications throughout the development lifecycle. AppScan supports a wide range of testing capabilities, including mobile app security, and offers automated vulnerability detection with actionable remediation advice.sss	Japanese Major Tools Foreign Country Automatic Audit tools
137	JWT.io Debugger	https://jwt.io/ja	This is a free JWT debugging service provided by Okta. ・JWT decoder ・JWT encoder If you use JWT, this is a very useful feature created with a great GUI.sss	Japanese Tools
138	KALI LINUX	https://www.kali.org/	Kali Linux is an advanced, open-source Linux distribution tailored for penetration testing, security research, forensics, and reverse engineering. It is packed with numerous security tools and optimized for professionals in the cybersecurity field. Kali Linux can be run on various platforms including ARM, mobile devices, virtual machines, and cloud environments, making it flexible for a range of use cases in security assessments.sss	English Web Audit Network Audit Major Tools Foreign Country Hacking Forensic Pentest Windows Linux/Unix Mac OS
139	Nessus	https://jp.tenable.com/products/nessus	A famous network vulnerability scanner. It provides an integrated security service based on network scanners, including cloud and installation versions.sss	Japanese Network Audit Major Tools Foreign Country Automatic Audit tools Windows Linux/Unix Mac OS Vulnerability Management
140	Nexpose	https://www.rapid7.com/products/nexpose/	A famous network vulnerability scanner. It requires installation and is often compared to Nessus. Vulnerabilities detected by Nexpose can be linked with Metasploit.sss	English Network Audit Major Tools Foreign Country Automatic Audit tools
141	Nmap	https://nmap.org/	Nmap (Network Mapper) is a free and open-source tool used for network discovery and security auditing. It helps users identify hosts and services on a computer network, detect operating systems, and discover vulnerabilities. Nmap supports various scanning techniques, including port scanning and OS detection, and is widely used by network administrators, security professionals, and hackers for network mapping and security assessments.sss	English Network Audit Tools Foreign Country Automatic Audit tools Open Source
142	OpenVAS	http://www.openvas.org/	It is a network diagnostic tool split from Nessus. It is maintained by https://www.greenbone.net/ as open source and sells appliance products with OpenVAS pre-installed.sss	English Network Audit Tools Foreign Country
143	OSS-Fuzz	https://github.com/google/oss-fuzz	ChatGPT said: The OSS-Fuzz project, developed by Google, is a continuous fuzzing service for open source software. It aims to improve the security and stability of popular open-source projects by applying modern fuzzing techniques in a scalable, distributed environment. OSS-Fuzz identifies vulnerabilities such as buffer overflows, which can have serious security implications, and supports fuzzing engines like libFuzzer, AFL++, and Honggfuzz. OSS-Fuzz supports a wide range of programming languages including C/C++, Rust, Go, Python, Java, and JavaScript, and it works with tools like ClusterFuzz for distributed fuzz testing. As of August 2023, it has helped identify and fix over 10,000 vulnerabilities and over 36,000 bugs across more than 1,000 projects.sss	English Tools Open Source Fuzzing Git Google
144	Parrot Security OS	https://github.com/ParrotSec	Like Kali Linux, it specializes in vulnerability testing. A variety of tools for attacks are already installed from the beginning.sss	English Web Audit Network Audit Tools Foreign Country Hacking Forensic Pentest Windows Linux/Unix Mac OS
145	powershellempire	https://github.com/EmpireProject/Empire	Empire is a post-exploitation framework combining PowerShell and Python agents. It provides a range of post-exploitation modules and secure communication for evading detection, focusing on usability and adaptability in both Windows and Linux environments.sss	English Tools Hacking Windows
146	Probely	https://probely.com/web-vulnerability-scanner/web-app-scanning/	Probely is a web application vulnerability scanner that automates the security testing of web applications. It aims to eliminate false positives and provide comprehensive scan coverage, focusing on delivering actionable results with minimal intervention. Probely utilizes a headless-chrome-based spider for scanning, making it effective for complex JavaScript apps and Single-Page Applications (SPAs). This tool allows security teams to quickly identify and address vulnerabilities without manual validation, enhancing security and efficiency in DevOps environments.sss	English Web Audit Automatic Audit tools
147	Project Discovery	https://projectdiscovery.io/	ProjectDiscovery specializes in vulnerability management, providing tools that help organizations detect, prioritize, and mitigate exploitable vulnerabilities across their infrastructure. Their platform utilizes high-fidelity scanning powered by open-source tools like Nuclei, enabling security teams to focus on real threats. They offer continuous scanning, automated vulnerability detection, and customizable workflows, all designed to reduce false positives and streamline remediation. ProjectDiscovery helps security professionals manage their attack surface and integrate security into their DevOps processes.sss	English Network Audit Tools Foreign Country Open Source
148	Project OneFuzz	https://github.com/microsoft/onefuzz	OneFuzz is an open-source platform for continuous fuzzing-as-a-service. It allows developers to easily run fuzzing jobs to identify software vulnerabilities before release. With OneFuzz, users can scale fuzzing from a few virtual machines to thousands of cores. It supports both Windows and Linux platforms and includes features like ensemble fuzzing, live-debugging, and automatic triage of found vulnerabilities.sss	English Tools Open Source Microsoft Fuzzing Git
149	protocol-fuzzer-ce	https://gitlab.com/gitlab-org/security-products/protocol-fuzzer-ce	The Protocol Fuzzer CE is a community edition of GitLab's protocol fuzzing framework, designed to test and identify vulnerabilities in network protocols. Based on the Peach Fuzzer Professional, it includes key features but with some functionality removed. The tool is used to discover potential security flaws in protocol implementations, making it an essential part of a security professional's toolkit.sss	Japanese Tools Open Source Fuzzing Git
150	Prowler	https://github.com/prowler-cloud/prowler	Prowler is a security tool for assessing AWS security best practices, auditing, incident response, continuous monitoring, hardening, and forensics readiness Prowler includes all CIS controls and many additional checks to help with GDPR, HIPAA, and other security frameworks. Prowler includes all CIS controls and many additional checks to help with GDPR, HIPAA, and other security frameworks.sss	English Tools AWS
151	https://github.com/RhinoSecurityLabs/pacuRhinoSecurityLabs/pacu	https://github.com/RhinoSecurityLabs/pacu	Pacu is an open-source AWS exploitation framework created by Rhino Security Labs. It is designed for penetration testing and security assessment of Amazon Web Services (AWS) environments. Pacu helps security professionals identify vulnerabilities in AWS configurations, using a variety of modules to exploit issues such as privilege escalation, backdooring IAM users, and attacking vulnerable Lambda functions. It can be easily installed and used with Python and Docker, making it a valuable tool for testing the security of cloud environments.sss	English Tools AWS
152	ripstech	https://www.ripstech.com/	Ripstech, now rebranded as Sonar, provides solutions for ensuring clean code by improving code quality, security, and maintainability. Their platform offers tools like SonarQube, SonarCloud, and SonarLint to support continuous code analysis and quality management. These tools help developers identify and fix issues in real-time, optimize development processes, and reduce technical debt. Sonar integrates seamlessly into DevOps pipelines, making it easier to maintain high-quality, secure code from development to production.sss	English Tools Source Code Audit Automatic Audit tools
153	ShadowDragon	https://shadowdragon.io/	ShadowDragon provides advanced OSINT (Open Source Intelligence) tools that enable investigators to gather and analyze data from over 225 sources. Their platform includes tools for social media analysis, malware investigation, geolocation, and more, designed to streamline investigations and uncover actionable insights quickly and efficiently.sss	English News Tools
154	Snort	https://www.snort.org/	Snort is an open-source Intrusion Prevention System (IPS) used for real-time traffic analysis and packet logging. It is designed to detect and prevent malicious network activity by analyzing network traffic and generating alerts based on predefined rules. Snort can function as a packet sniffer, a packet logger, or as a full-blown IPS to prevent attacks. It is widely deployed for network security and provides tools for both individual and organizational use. Users can access community rules for free or subscribe for real-time updates via Snort Subscriber Ruleset.sss	English Tools Open Source IDS/IPS Management
155	sqlmap	http://sqlmap.org/	SQLMap is an open-source penetration testing tool designed to automate the process of detecting and exploiting SQL injection flaws. It offers a robust engine for identifying vulnerabilities and exploiting database servers, supporting multiple SQL injection techniques. SQLMap allows security professionals to access underlying file systems, execute commands on the operating system, and dump databases. It's widely used for vulnerability assessments, data exfiltration, and escalating privileges within database systems.sss	English Tools Automatic Audit tools
156	Suricata	https://suricata.io/	Suricata is an open-source, high-performance network analysis and threat detection engine. It is widely used by public and private organizations to monitor and protect their networks. Suricata supports multiple features such as intrusion detection, intrusion prevention, and network security monitoring. It is known for its high scalability and the ability to analyze large amounts of network traffic in real-time. Suricata integrates with various tools and platforms and is backed by a strong global community.sss	English Tools Open Source IDS/IPS Management
157	trivy	https://github.com/aquasecurity/trivy	Scanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issuessss	English Tools Vulnerability Management Open Source Server Configuration Audit Git
158	VADDY	https://vaddy.net/	The artificial intelligence technology used in VAddy has succeeded in omitting complex configuration items, making it easy for even inexperienced users to perform vulnerability assessments. Even those with no experience in security diagnostics can easily perform inspections. In addition, the minimum number of inspection items corresponding to real-world threats enables fast inspection. Excerpt from [https://vaddy.net/ja/reasons.html Translated with www.DeepL.com/Translator (free version)sss	Japanese Web Audit Tools Automatic Audit tools
159	Vega	https://subgraph.com/vega/	Vega is a free and open-source web security scanner and testing platform designed to assess the security of web applications. It helps find vulnerabilities such as SQL injection, cross-site scripting (XSS), and inadvertently exposed sensitive information. Written in Java, it provides a graphical user interface (GUI) and works on Linux, OS X, and Windows. Vega includes an automated scanner, an intercepting proxy, and a powerful API for extending its capabilities with custom attack modules written in JavaScript.sss	English Web Audit Tools Automatic Audit tools
160	VEX	https://www.ubsecure.jp/vex	VEX by UBsecure is a leading vulnerability assessment tool for web applications, holding the largest market share in Japan. Released in 2007, VEX has gained widespread recognition, especially in the financial industry, for its high-precision vulnerability detection. The tool has been continuously improved over the years, with feedback from thousands of site assessments, ensuring high reliability and effectiveness. VEX is widely used by security professionals to conduct comprehensive vulnerability testing and is known for its advanced capabilities in identifying and mitigating web application security risks.sss	Japanese Tools Automatic Audit tools
161	vuls	https://vuls.biz/lp/	It is a scanner-installed version of the software installed in various environments that can be scanned for vulnerabilities.There are free versions of OSS and paid versions with full support and functions.sss	Japanese Tools Automatic Audit tools Open Source
162	Wappalyzer	https://chromewebstore.google.com/detail/wappalyzer-technology-pro/gppongmhjkpfnbhagpmjfkannfbllamg	Wappalyzer is a browser extension that identifies the technologies used by websites. It can detect frameworks, programming languages, CMSs, and many other web technologies, making it useful for developers, marketers, and researchers who want to learn more about the tech behind websites.sss	English Tools Foreign Country Open Source Site Information Gathering
163	wappalyzergo	https://github.com/projectdiscovery/wappalyzergo	The WappalyzerGo project is a high-performance Go implementation of the Wappalyzer technology detection library. It helps identify technologies used on websites (like CMS, frameworks, servers, etc.) by analyzing the headers and body of web pages. This tool is based on data from the original Wappalyzer project and offers features such as normalized regex patterns and an auto-updating database for detecting technology fingerprints. This Go library is optimized for performance and is easy to integrate into applications for technology detection in web security assessments or analytics.sss	English Tools Foreign Country Open Source Site Information Gathering
164	WPScan	https://wpscan.org/	WPScan is a security scanner specifically designed for WordPress sites. It allows security professionals and site maintainers to identify vulnerabilities in WordPress installations, including plugins, themes, and configuration settings. WPScan checks for a variety of issues such as outdated WordPress versions, vulnerable plugins or themes, weak passwords, exposed error logs, and more. It uses a comprehensive database of known vulnerabilities to perform security assessments and help improve the overall security of WordPress sites.sss	English Tools WordPress Automatic Audit tools

blog

No	Name	URL	Description	Tag
165	Acunetix Web Security Blog	https://www.acunetix.com/blog/	The Acunetix blog focuses on web application security, providing valuable insights and resources for professionals in the cybersecurity field. Topics include vulnerability management, penetration testing, security best practices, and in-depth analysis of specific web vulnerabilities such as SQL injection, XSS, and CSRF. The blog also covers updates on the Acunetix product, security trends, and expert opinions, helping security teams stay informed and improve their web security practices.sss	English Web Audit Foreign Country Company Blog Information Provision
166	Aironworks Blog	https://note.com/aironworks	AironWorks is a company focused on next-generation cybersecurity training platforms powered by AI. The blog shares insights into cybersecurity trends, news, and updates. Topics include penetration testing, social engineering attacks, and zero-trust models, along with case studies and reports on real-world cyber incidents, providing valuable resources for security professionals.sss	Japanese Foreign Country Company Blog Information Provision
167	AT&T Cybersecurity Blog	https://cybersecurity.att.com/blogs	The LevelBlue Blog from AT&T Cybersecurity provides insights and updates on the latest cybersecurity trends, including topics like threat detection, network security, cloud security, and more. It serves as a valuable resource for businesses looking to strengthen their cybersecurity posture and stay informed on current risks and solutions.sss	English Foreign Country Company Blog Information Provision
168	Compass Security Blog	https://blog.compass-security.com/	The Compass Security Blog provides expert content on offensive security, including red teaming, penetration testing, vulnerability research, and security tools. The blog features detailed posts on various cybersecurity topics, such as bypassing web filters, securing email communications, and techniques for exploiting vulnerabilities in web applications and networks. It's an informative resource for cybersecurity professionals seeking to stay updated on the latest offensive security trends and practices.sss	English Foreign Country Company Blog Information Provision
169	CYBER WORLD MIRROR	https://cyberworldmirror.com/	This is a blog maintained by AshutoshBarot and VivekDesai, cyber security experts from India. You can submit articles to this blog by contacting the administrators.sss	English Foreign Country Information Provision
170	eForensics Magazines Blog	https://eforensicsmag.com/blog/	The eForensics blog offers a wide range of articles related to digital forensics, cyber security, and incident response. It covers topics such as the latest trends in digital forensics, AI in cyber security, malware analysis, data recovery, and cyber crime. The blog provides in-depth insights and practical advice, helping professionals in the field stay updated on the newest tools, techniques, and challenges in digital forensics and security.sss	English Foreign Country Blog Forensic Information Provision
171	ESET Security Blog	https://www.eset.com/jp/blog/	ESET's Security Blog offers the latest cybersecurity news, analysis, and expert insights. It covers a variety of topics including malware threats, cyberattacks, and new vulnerabilities, keeping businesses and individuals informed about the current security landscape.sss	Japanese Company Blog Information Provision
172	F-Secure News	https://blog.f-secure.com/ja/	The official F-Secure blog provides a wide range of content related to cybersecurity, focusing on business and home security, threat research, privacy, and emerging security trends. It covers topics like ransomware, phishing, advanced threats, and the latest cyber attacks. F-Secure's experts share insights and tips on how to protect against cyber threats, improve digital privacy, and secure enterprise systems. The blog also includes updates on their products and services, such as endpoint protection and security solutions for both individuals and organizations.sss	Japanese Major Company Blog Information Provision
173	GitHub Security Survey Results	https://securitylab.github.com/research/	Excellent engineers explain the analysis about vulnerabilities and how to detect vulnerabilities.sss	English Company Blog Forensic Information Provision
174	GitHub's Security advisory	https://securitylab.github.com/advisories/	The GitHub Security Lab Advisory page provides detailed information on the vulnerabilities discovered by GitHub Security researchers in popular open-source projects. These advisories are published after the vulnerabilities are disclosed and patched by the relevant project teams, ensuring transparency and helping the community address critical security issues.sss	English Company Blog Information Provision Security Advisories
175	Threat Analysis Group	https://blog.google/threat-analysis-group/	This is a site that publishes the results of Google's threat analysis. It also summarizes the trends of well-known attacker groups and politically-related hacking activities.sss	English Major Foreign Country Hacking Information Provision Threat Intelligence Google
176	Google Threat Analysis Group Blog	https://blog.google/threat-analysis-group/	The Google Threat Analysis Group (TAG) blog provides updates on efforts to combat state-sponsored cyber threats. The blog focuses on tracking and analyzing government-backed attacks, detailing the methods and tools used by adversaries, and sharing insights into how Google is working to protect its users and services.sss	Japanese Foreign Country Blog SOC Information Provision
177	Hacking Articles	https://www.hackingarticles.in/	This is a blog by Raj Chandel that summarizes security issues in an easy-to-understand manner. It's in English, but it's very nicely organized.sss	English Web Audit Foreign Country Hacking Education Blog Pentest Information Provision
178	Hacktricks	https://book.hacktricks.wiki/en/index.html	攻撃手法などについてわかりやすく情報提供してくれています。ドメインがxyzなので怪しさがありますが、記事の内容はとても為になります。	Japanese News Foreign Country Pentest Information Provision Exploit
179	IBM Security Intelligence Blog	https://www.ibm.com/blogs/security/jp-ja/	IBM has been providing us with information about security. The English site is [https://www.ibm.com/security].sss	Japanese Foreign Country Company Blog Information Provision
180	IMMUNITY SERVICE	http://immunityservices.blogspot.com/	Immunity Inc.sss	English Blog Information Provision
181	Imperva Japanese Blog	https://www.imperva.com/ja/blog/	The Imperva Blog provides insights, research, and news about cybersecurity, focusing on threats like DDoS attacks, data protection, and application security. The blog covers the latest security trends, industry reports, and best practices to help businesses safeguard their digital infrastructure and protect against evolving cyber risks.sss	Japanese Major Foreign Country Company Blog
182	InfosecMatter	https://www.infosecmatter.com/	This site was created with the idea of creating a site where everyone can find information about Security, after realizing that there are many similar questions about Security. The site was launched in 2020, so the amount of information is not large yet, but the articles are very easy to understand.sss	English News Tools Foreign Country Hacking Blog Information Provision
183	Kaspersky News	https://blog.kaspersky.co.jp/category/news/	The Kaspersky Blog's news section covers the latest developments in cybersecurity, offering insights into emerging threats like phishing, malware, and scams. It provides updates on security products, cyberattacks, and safety recommendations for both consumers and businesses to stay protected against evolving digital risks.sss	Japanese Major Foreign Country Blog Information Provision
184	NFLabs. engineer blog	https://blog.nflabs.jp/	This is a technical blog published by NF Laboratories Co., Ltd. It is very easy to understand and contains useful information.sss	Japanese Company Hacking CTF Qualifications Education Blog Bug Bounty Information Provision
185	Open Source DFIR	https://osdfir.blogspot.com/	Open Source DFIR is a blog focused on digital forensics and incident response (DFIR) using open-source tools. The blog provides tutorials, case studies, and practical advice on leveraging open-source solutions for conducting digital forensics and responding to cyber incidents. Topics include tools like Plaso, Timesketch, and other DFIR-related resources.sss	English Incident Response Blog Forensic Information Provision
186	Pentest Monkey	https://pentestmonkey.net/	A collection of security blogs, SQL injection cheat sheets, and other cheat sheets.sss	English Foreign Country Education Pentest Information Provision Cheetsheet
187	Pentester Land	https://pentester.land/	This is a site that provides information about Security and also updates CheatSheet and BugBounty write-up.sss	English Foreign Country Hacking Blog Pentest Bug Bounty Information Provision Cheetsheet
188	Piyolog	https://piyolog.hatenadiary.jp/	This is a blog that summarizes security information by piyokango.sss	Japanese Blog Information Provision
189	Portswigger Blog	https://portswigger.net/blog	This is the blog of the company that develops Burp Suite.sss	English Foreign Country Company Blog Information Provision
190	PT SWARM	https://swarm.ptsecurity.com/	PT Security Weakness Advanced Research and Modeling (PT SWARM) is the aggressive security division of Positive Technologies, and they publish information about security here.sss	English Foreign Country Blog Information Provision
191	Qualys Security Blog	https://blog.qualys.com/	The Qualys Security Blog offers in-depth insights and updates on various cybersecurity topics. It covers vulnerability research, threat intelligence, product updates, and security best practices. Notably, it discusses critical issues such as major vulnerabilities (e.g., Log4j2, CVE-2021-3156), threat protection, and secure configurations. The blog is a valuable resource for security professionals looking to stay informed about current cyber threats and mitigation strategies.sss	English Major Foreign Country Blog Information Provision
192	Rapid7 Blog	https://www.rapid7.com/blog/	The Rapid7 Blog offers insights into various cybersecurity topics, including vulnerability management, detection and response, cloud security, and application security. It highlights the latest research, best practices, product updates, and security solutions. Rapid7's blog serves as a valuable resource for security professionals seeking expert advice on identifying and mitigating cyber risks, along with updates on emerging threats and attack vectors.sss	English Major Foreign Country Company Blog Information Provision
193	Redhat's Official Blog	https://www.redhat.com/ja/blog	Information about Red Hat is updated regularly. You can also refine your search for information about Security.sss	English Major Company Blog Information Provision
194	Sans Blog	https://www.sans.org/blog/	The SANS Institute Cybersecurity Blog features posts from security professionals offering insights into various cybersecurity topics. This includes trends in cyber defense, digital forensics, incident response, cloud security, and much more. The blog is a key resource for professionals seeking to stay ahead in the ever-evolving cybersecurity landscape.sss	English Major Foreign Country Blog Information Provision
195	SecurityTrails Blog	https://securitytrails.com/blog	The SecurityTrails blog offers valuable insights on cybersecurity, threat intelligence, and domain data. It features articles on how to improve online security, track cyber threats, and understand domain infrastructure, helping businesses stay secure in an ever-evolving digital landscape.sss	English Foreign Country Company Blog Information Provision
196	Sentinel One Blog	https://jp.sentinelone.com/blog/	SentinelOne's blog offers expert insights into cybersecurity, focusing on endpoint protection, AI-driven threat detection, and incident response. It covers topics like ransomware, malware, and trends in cybersecurity, providing valuable information for organizations looking to strengthen their security measures.sss	English Foreign Country Company Blog Information Provision
197	Suciri Blog	https://blog.sucuri.net/	The Sucuri blog covers a wide range of topics related to website security, including malware infections, WordPress vulnerabilities, and best practices for safeguarding websites. It also provides in-depth articles on how to deal with various cyber threats, from credit card skimmers to backdoors, helping users stay informed on the latest security challenges.sss	English Foreign Country Company Blog Information Provision
198	Tenable techblog	https://medium.com/tenable-techblog	This is a blog that provides information about the security of Nessus' Tenable.sss	English Major Foreign Country Blog Information Provision
199	UBsecure Blog	https://www.ubsecure.jp/blog	The UBsecure Blog provides expert insights and updates on cybersecurity topics, including vulnerability management, security certifications, and the latest industry trends. It is a valuable resource for businesses looking to enhance their security measures and stay informed on emerging threats.sss	Japanese Company Blog Information Provision
200	Ubuntu Official Blog	https://ubuntu.com/blog	The Ubuntu blog offers a wealth of information on topics related to the Ubuntu operating system, its ecosystem, and the technologies that support it. It includes updates on new features, tutorials for developers, and insights into how Ubuntu is used in various industries, including cloud computing, AI, and IoT. Additionally, the blog covers important announcements, product releases, and security updates, as well as thought leadership on open-source technologies and innovations from Canonical.sss	English Major Foreign Country Blog Information Provision

URL
Name
Language
Number of items displayed

Display Dashboard Setting