Provide Information Site

Select Genre All

security_company

convenient_service

vulnerable_site

vulnerability_notification_site

Security Advisary

Education,Training

Cloud Security Posture Management

Information Site Top

->

All

This is a collection of sites about security.
The order is alphabetical.

Show Search Menu

blog

No	Image	Name	URL	Description	Tag
201		vulmon Blog	https://blog.vulmon.com/	The Vulmon blog provides insights into vulnerabilities, security threats, and solutions. It covers important topics such as vulnerability detection, analysis, and proactive security measures. The blog aims to keep users informed about the latest vulnerabilities and offer tools for improving cybersecurity practices.sss	English Foreign Country Blog Information Provision
202		Whitehat Security Blog	https://www.blackduck.com:443/blog.html	This is the blog of NTT Group's White Hat Security.sss	English Foreign Country Blog Information Provision
203		Scios Security Blog	https://security.sios.jp/category/vulnerability/	The SIOS Security Blog focuses on vulnerabilities within open-source software (OSS). It provides detailed posts about newly discovered vulnerabilities, their potential impacts, and security patches or solutions. The blog aims to help users and organizations stay updated with the latest security issues in OSS tools.sss	Japanese Blog Information Provision
204		Cyber Reasons Blog	https://www.cybereason.co.jp/blog/	Cybereason's blog provides updates on cybersecurity trends, focusing on threat intelligence, malware, and advanced persistent threats (APT). It includes expert analysis and insights into how organizations can protect themselves against the latest cyber threats, as well as updates on the company’s products and services.sss	Japanese Foreign Country Company Blog Information Provision
205		Security hole memo	http://www.st.ryukoku.ac.jp/~kjm/security/memo/	This is a site that compiles SecurityNews links and international news.sss	Japanese Celebrated Person Celebrated Person Blog Blog Information Provision Information Provision
206		Security Cat Memorandum	https://nekochansecurity555.hatenablog.com/	Security Cat is sending out information about what he has researched. He summarizes what he has found out about security, and it is very helpful.sss	Japanese Blog Information Provision
207		SoftBank Technology Blog	https://www.softbanktech.co.jp/special/	They provide information like SBT svetes, cloud engineering blogs, DX stations, and vulnerability research reports.sss	Japanese Company Blog Information Provision
208		Trend Micro Security News	https://www.trendmicro.com/ja_jp/security-intelligence/breaking-news.html	Trend Micro's security information sitesss	Japanese News Major Blog Information Provision
209		Trend Micro Blog	https://blog.trendmicro.co.jp/	Trend Micro provides us with threat information and news from security experts.sss	Japanese Major Company Blog Information Provision
210		Pentest Magazine Blog	https://pentestmag.com/blog/	Pentestmag's blog offers in-depth articles on cybersecurity topics, with a special focus on penetration testing, ethical hacking, and security vulnerabilities. It provides practical advice, tutorials, and resources for cybersecurity professionals to enhance their skills and stay updated with the latest trends in the field.sss	English Blog Pentest Information Provision
211		Microsoft Security Response Center blog	https://msrc.microsoft.com/blog/categories/msrc/	Security information about Microsoft products is being sent out.sss	English Major Company Blog Windows Information Provision Microsoft
212		Microsoft Security Response Center (Japan Security Team)	https://msrc.microsoft.com/blog/categories/jpsecurity/	Security information about Microsoft products is being sent out.Regular monthly updates are also posted here.sss	Japanese Major Blog Information Provision Microsoft
213		Microsoft Security Response Center (Security Research & Defense)	https://msrc.microsoft.com/blog/categories/srd/	Security information about Microsoft products is being sent out.Regular monthly updates are also posted here.sss	English Major Blog Information Provision Microsoft
214		LAC security hodgepodge blog	https://devblog.lac.co.jp/	The "ラック・セキュリティごった煮ブログ" (LAC Security Miscellaneous Blog) is a blog managed by LAC, a cybersecurity company. It provides insights into security and IT technologies, specifically targeting engineers. The blog features articles on penetration testing, vulnerabilities, cybersecurity trends, and technical discussions. Topics include real-world attack scenarios, security research, and detailed breakdowns of complex security issues, aimed at helping IT professionals stay informed about the latest in security.sss	Japanese Major Blog Information Provision
215		Mitsui Secure Directions Research/Blog	https://www.mbsd.jp/research/	The MBSD (Mitsui Bussan Secure Directions) research blog provides detailed information and insights on various cybersecurity topics. It features the latest research, case studies, and analysis on security incidents, threats, and best practices, aimed at helping organizations stay secure against emerging risks.sss	Japanese Company Blog Information Provision

organization

No	Image	Name	URL	Description	Tag
216		Center for Internet Security	https://www.cisecurity.org/	At CIS®, we're harnessing the power of global IT community to safeguard public and private organizations against cyber threatssss	English Foreign Country Organization Information Provision
217		Information-technology Promotion Agency	https://www.ipa.go.jp/	The National Institute of Information and Communications Technology (NICT) is an independent administrative agency that disseminates security information, fosters human resources, and organizes national certification examinations. People who are involved in work related to information processing are taken care of by the examinations. They send out a lot of information, so I recommend that you check for updates regularly.sss	Japanese Organization Government Qualifications Information Provision
218		JPCERT/CC	https://www.jpcert.or.jp/	The JPCERT Coordination Center (JPCERT/CC) compiles information on intrusions and other attacks on corporate networks in Japan, and provides information on defense methods and trends.sss	Japanese Organization Government Incident Response
219		MISP Threat Sharing	https://www.misp-project.org/	As the MISP project expanded, MISP is not only covering the malware indicators but also fraud or vulnerability information. The name is now MISP, threat sharing which includes the core MISP software and a myriad of tools (PyMISP) and format (core format, MISP taxonomies, warning-lists) to support MISP. MISP is now a community project lead by a team of volunteers.sss	English Foreign Country Organization Incident Response Open Source Data management and protection Monitoring Threat Intelligence MISP
220		MITRE	https://www.mitre.org/		English Organization
221		Mitre Shield	https://shield.mitre.org/	MITRE Shield is a knowledge base focused on active defense and adversary engagement. It provides insights into defensive strategies and tactics, such as cyber deception and adversary counteractions, based on over 10 years of experience. The platform helps defenders understand and apply various tactics and techniques to protect against cyber threats effectively.sss	English Organization
222		National Vulnerability Database	https://nvd.nist.gov/	The National Vulnerability Database (NVD) is a comprehensive U.S. government repository that provides data on vulnerabilities. It includes standardized vulnerability information and metrics, allowing organizations to manage vulnerabilities, automate security processes, and comply with various regulations. The NVD is a valuable resource for tracking security threats and understanding their impact.sss	English Organization Government
223		NICT: National Institute of Information and Communications Technology	http://www.nict.go.jp/	The National Institute of Information and Communications Technology (NICT), as Japan's only public research organization specializing in the field of information and communication, promotes research and development of information and communication technologies from an integrated perspective, from basic to applied, and at the same time, cooperates with universities, industries, local governments, and research institutes in Japan and overseas. At the same time, we collaborate with universities, industry, local governments, and research institutions in Japan and overseas, with the aim of returning the results of our research and development to society at large and creating innovation. Excerpt from [https://www.nict.go.jp/about/greetings.html]sss	Japanese Organization Government
224		Japan Network Security Assciation	http://www.jnsa.org/	It is a non-profit organization (NPO) that organizes the Security Contest (SECCON). In addition to disseminating information on network security, it has many social activity groups and engages in a wide range of activities.sss	Japanese Organization
225		OWASP	https://www.owasp.org/	The Open Web Application Security Project is an online community that creates freely available articles, methodologies, documentation, tools, and techniques in the field of web application security.sss	English Organization
226		OWASP JAPAN	https://www.owasp.org/index.php/Japan	He conducts security activities in Japan such as study sessions and translation of documents. They have translated the "OWASP Top 10" released by OWASP.sss	Japanese Organization
227		Sans	https://www.sans.org/jp_ja/	SANS Institute provides world-class cybersecurity training and certification programs. They offer live online and in-person courses on various topics, from ethical hacking to incident response. The platform also provides resources such as webinars, white papers, and specialized tools to help cybersecurity professionals stay ahead of emerging threats.sss	Japanese Organization Qualifications Education
228		WAS Forum	https://wasforum.jp/	It is a non-profit, voluntary organization established in 2004. The purpose of its activities is to research issues related to web application security, share information on how to improve security, and disseminate and educate effective information on appropriate measures and construction methods. [Excerpt from the website]sss	Japanese Web Audit Organization
229		フィッシング対策協議会	https://www.antiphishing.jp/	The Anti-Phishing Council of Japan (APC) works to raise awareness and provide resources to combat phishing attacks. The website offers guidelines, reports, and updates about phishing scams, helping both consumers and businesses protect against cyber threats. It also features information on how to report phishing incidents and tips for staying safe online.sss	Japanese Organization Information Provision
230		国民のための情報セキュリティサイト	https://www.soumu.go.jp/main_sosiki/cybersecurity/kokumin/index.html	This is a website from the Ministry of Internal Affairs and Communications (MIC) that provides easy-to-understand explanations about information security.The site describes risks, accident cases, and countermeasures for information security used in daily life such as the Internet, smartphones, and Wi-Fi.sss	Japanese Organization Government Information Provision
231		日本サイバー犯罪対策センター	https://www.jc3.or.jp/	The Japan Cybercrime Control Center (JC3) focuses on addressing cybercrime and improving national cybersecurity. Their website provides information on various cyber threats, best practices, and recent trends. JC3 works to protect citizens and businesses by offering research, alerts, and collaboration with other organizations to combat cybercrime in Japan.sss	Japanese Organization Government
232		日本シーサート協議会	https://www.nca.gr.jp/	CSIRT (Computer Security Incident Response Team) is a generic term for an organization that deals with computer security incidents. It constantly collects and analyzes incident-related information, vulnerability information, and information on predictive signs of attacks, and works to formulate response policies and procedures. Excerpt from [https://www.nca.gr.jp/outline/index.html]sss	Japanese Organization Building CSIRTs
233		経済産業省 - 情報セキュリティ政策	https://www.meti.go.jp/policy/netsecurity/	The Ministry of Economy, Trade and Industry (METI) in Japan focuses on cybersecurity policies aimed at improving the nation's security infrastructure. Their website offers resources and guidelines on various cybersecurity topics, including vulnerability management, risk reduction, and incident response. METI works with organizations to strengthen cybersecurity measures and protect critical infrastructure.sss	Japanese Organization Government
234		警視庁　サイバー犯罪対策プロジェクト	https://www.npa.go.jp/bureau/cyber/index.html	The Cyber Police Bureau of the National Police Agency (NPA) in Japan focuses on preventing and investigating cybercrimes. Their website offers information on various cyber threats, prevention measures, and public safety initiatives. The Cyber Police Bureau also provides guidelines for reporting incidents and ways to protect against digital threats, including ransomware and phishing.sss	Japanese Organization Information Provision

convenient_service

No	Image	Name	URL	Description	Tag
235		Alien Vault	https://otx.alienvault.com/	It is an open threat information sharing community. Collaborators around the world update information to share security threat information.sss	English Foreign Country Incident Response Information Provision
236		ANY.RUN	https://app.any.run/	A service that provides online static and dynamic malware analysis. Free and paid versions are available.sss	English Tools Foreign Country Sandbox
237		Free Online Website Malware Scanner	https://quttera.com/website-malware-scanner	Online malware scanner provided by Qutterasss	English Tools Foreign Country Website Malware Scan
238		IBM X-Force Exchange	https://exchange.xforce.ibmcloud.com/	It provides a cloud-based platform for sharing threat intelligence that allows users to investigate threats and collaborate with other personnel to respond. Excerpt from [https://www.ibm.com/jp-ja/marketplace/ibm-xforce-exchange]sss	Japanese Tools Information Provision
239		IPinfo	https://ipinfo.io/	This is a very useful site for researching IP addresses used in attacks.sss	Japanese Tools Information Provision
240		JVN iPedia	https://jvndb.jvn.jp/en/	This is a database of vulnerability countermeasure information that is released every day, both in Japan and overseas.sss	Japanese Information Provision
241		Open CVDB	https://www.cloudvulndb.org/	Our goal in this project is to pave the way for a centralized cloud vulnerability database, by cataloging CSP security mistakes and listing the exact steps CSP customers can take to detect or prevent these issues in their own environments. We believe this project can prove the utility of a cloud vulnerability database, bring more transparency into these issues, and ultimately make the cloud even more secure.sss	English Foreign Country Information Provision Cloud Security Cloud Threat Intelligence
242		shodan	https://www.shodan.io/	This is a search site whose purpose is to search all systems connected to the Internet.sss	English Tools Hacking Information Provision
243		Spamhaus	https://www.spamhaus.org/	The Spamhaus Project is an international non-profit organization that tracks spam and related cyber threats such as phishing, malware, botnets, etc., and provides real-time, actionable and highly accurate threat intelligence to the Internet's leading networks, enterprises and security vendors, and works with law enforcement to identify It is an international non-profit organization that works with law enforcement agencies to identify It tracks spam and malware sources around the world. Excerpted from [https://www.spamhaus.org/organization/]sss	English Foreign Country Information Provision
244		SSL Configuration Generator	https://ssl-config.mozilla.org/	This is a site that generates SSL configuration strings for Apache, AWS ALB, AWS ELB, Caddy, Dovecot, HAProxy, lighttpd, MySQL, nginx, Oracle HTTP, Postfix, PostgreSQL, Traefik (beta), etc. with simple operations.sss	English Tools Information Provision
245		SSL Server Test	https://www.ssllabs.com/ssltest/	This is a site that checks if there is a problem with the SSL settings of the target server by simply entering the URL.sss	English Tools Information Provision
246		The ZMap Project	https://zmap.io/	The ZMap project is a collection of open source tools that enable researchers to conduct large-scale studies of the hosts and services that make up the public Internet.sss	English Tools Foreign Country
247		URL Void	https://www.urlvoid.com/	Website Reputation Checker is a website that allows you to check the reputation of a website. It allows you to check if a given site is registered from multiple blacklists.sss	English Tools Information Provision
248		urlhaus	https://urlhaus.abuse.ch/about/	It provides information on suspicious URLs.sss	English Tools Information Provision
249		VirusTotal	https://www.virustotal.com/ja/	A free service that analyzes suspicious files and URLs.sss	Japanese Foreign Country Website Malware Scan
250		vuln.chuseiken	https://vuln.chuseiken.or.jp	当サイトでは脅威インテリジェンスの分野にフォーカスし、サイバー世界での脅威に関する報告や警鐘を目的としております。活動内容：日本企業の保有するドメインの中に存在する脆弱性への注意喚起日本企業において販売・利用されている製品に関する脆弱性への注意喚起ダークウェブやアクターコミュニティにて情報が公開された日本企業への注意喚起報告された脆弱性情報やアクター情報をもとに我が国における脅威の分析と報告	Japanese News Information Provision Japan Corporation
251		Reverse Shell Generator	https://www.revshells.com/	Revshells.com is an online reverse shell generator that allows users to create reverse shell payloads for different operating systems such as Linux, Windows, and Mac. It also provides various encoding options and listener types to suit specific needs for penetration testing and cybersecurity operations.sss	English Tools Foreign Country

community

No	Image	Name	URL	Description	Tag
252		AttakerKB	https://attackerkb.com/	AttackerKB is a community-driven platform designed for cybersecurity professionals, providing detailed technical analyses and evaluations of security vulnerabilities. Users can access the latest information on CVEs, exploitability, and defensive strategies, helping organizations strengthen their cybersecurity posture. The platform encourages collaboration by allowing users to share their insights and experiences related to security threats.sss	English Foreign Country Hacking Information Provision Exploit

conference

No	Image	Name	URL	Description	Tag
253		AppSec USA (OWASP)	https://owasp.glueup.com/event/owasp-2025-global-appsec-usa-washington-dc-131624/	AppSec USA (OWASP) – An annual conference hosted by the Open Web Application Security Project (OWASP), focused on application security and the latest vulnerabilities in web applications.sss	English Organization
254		blackhat	https://www.blackhat.com/	Black Hat is a series of highly technical cybersecurity conferences that offer the latest information on security research, trends, and hacking techniques. It attracts professionals and experts to discuss and analyze vulnerabilities and emerging security threats.sss	English Organization
255		BSides	https://bsides.org/w/page/12194156/FrontPage	BSides – A series of grassroots cybersecurity conferences held around the world, offering a more community-driven and informal approach to discussing security topics.sss	English Organization
256		CODE BLUE	https://codeblue.jp/	CODE BLUE is an international cybersecurity conference that gathers top experts to discuss cutting-edge security research and exchange knowledge. It serves as a platform for both Western and Asian researchers to share findings and collaborate on solutions to global security challenges.sss	Japanese Organization
257		CyberSat Summit	https://www.cybersatsummit.com/	CyberSat Summit – A conference dedicated to satellite security, focused on the intersection of cybersecurity and satellite communications.sss	English Organization
258		DEF CON	https://www.defcon.org/	DEF CON – One of the world’s largest and most well-known hacker conventions, focusing on hands-on security research, vulnerability disclosures, and hacking culture.sss	Japanese Organization
259		HITB Security Conference	https://conference.hitb.org/	Hack in the Box (HITB) Security Conference – A global security event focused on providing in-depth knowledge on the latest hacking techniques and security trends.sss	English Organization
260		Infosecurity Europe	https://www.infosecurityeurope.com/	Infosecurity Europe – A leading information security event, held annually in London, bringing together professionals to discuss the latest trends and threats in cybersecurity.sss	English Organization
261		Positive Hack Days	https://www.phdays.com/	Positive Hack Days (PHDays) is an international cybersecurity festival where people can explore the digital world and learn how to enhance security. The event includes over 500 speakers, 400+ talks, and various activities like interactive installations, workshops, games, and networking opportunities. It attracts cybersecurity professionals, businesses, and enthusiasts worldwide. The event is open to the public with free access, while PRO tickets are available for more in-depth expert sessions. PHDays offers both offline and online participation options.sss	Russia Organization
262		RSA Conference	https://www.rsaconference.com/	The RSA Conference (RSAC) is a leading global event focused on cybersecurity, bringing together professionals to discuss and address the latest challenges and innovations in the field. It features expert-led sessions, keynote speakers, and networking opportunities. The conference provides a platform for sharing knowledge on emerging threats, cybersecurity strategies, and cutting-edge technologies. RSAC also hosts various programs, such as boot camps and forums, to engage professionals at all levels of the industry.sss	English Organization
263		RSA Conference	https://www.rsaconference.com/	RSA Conference – A leading global cybersecurity event, covering a wide range of cybersecurity topics, from threat intelligence to emerging technologies.sss	English Organization
264		SANS	https://www.sans.org/cyber-security-summit/	SANS Institute Cyber Security Summit & Training – Organized by the SANS Institute, this event is an essential gathering for IT security professionals, focusing on training, certifications, and threat management.sss	Japanese Organization
265		ShmooCon	https://www.shmoocon.org/	ShmooCon – A hacker conference that combines a deep dive into cybersecurity with a laid-back atmosphere, known for its engaging presentations and workshops.sss	English Organization

ctf_bug_bounty

No	Image	Name	URL	Description	Tag
266		CRYPTOHACK	https://cryptohack.org/	Learn about modern cryptography by solving a series of interactive puzzles and challenges. Get to know the ciphers and protocols that secure the digital world by breaking them.sss	English Hacking CTF
267		CTF LIVE	https://www.ctf.live/	CTF organized by Pentest Academysss	English Hacking CTF
268		Hacker One	https://www.hackerone.com/	This is a website that provides information for Bug hunters. Many companies use this site to pay bounties for vulnerability reports by hackers.sss	English Hacking Bug Bounty
269		hacking-lab	https://www.hacking-lab.com/index.html	Hacking-Lab is an online ethical hacking, computer network and security challenge platform, dedicated to finding and educating cyber security talents.sss	English Hacking CTF
270		Holiday Hack Challenge	https://holidayhackchallenge.com/	The SANS Holiday Hack Challenge is an annual cybersecurity competition that offers a fun and engaging way for individuals to enhance their skills in various areas of cybersecurity. It includes a series of puzzles and challenges that focus on topics such as penetration testing, cryptography, and incident response, aimed at both beginners and advanced professionals.sss	English Foreign Country CTF
271		PICO CTF	https://www.picoctf.com/	We offer free CTF challenges for students. We also hold competitions with cash prizes for the top 10.sss	English Hacking CTF
272		PlaidCTF	https://plaidctf.com/	PlaidCTF is an annual Capture The Flag (CTF) competition that challenges cybersecurity enthusiasts to solve various security-related problems, including cryptography, web exploitation, reverse engineering, and forensics. It is organized by the Plaid Parliament of Pwning (PPP) and is known for its high-quality challenges suitable for both beginners and experts in the field.sss	English Hacking CTF
273		setodaNote CTF	https://ctf.setodanote.net/	(CTF) is a CTF that aims to expand the scope of cyber security by providing contents that arouse curiosity and inquisitiveness so that people who have started to be interested in cyber security can have a deeper interest and learn about it by themselves. Excerpt from [https://ctf.setodanote.net/about]sss	Japanese Hacking CTF
274		WaniCTF	https://wanictf.org/	WaniCTF is a CTF for beginners organized by Wani Hackase, a CTF circle at Osaka University. It will be held on 2021/11/5(Fri) 20:00 ~ 2021/11/7(Sun) 20:00.sss	Japanese School Hacking CTF Education
275		Wechall	https://www.wechall.net/	This site is a collection of wargame sites for learning about security, and you can see which users are participating in which sites, and what their rankings are. If you are looking for a site to study CTF, this site is very useful.sss	Japanese Tools Hacking CTF Education Forensic Pentest Bug Bounty Information Provision Exploit

Low

No	Image	Name	URL	Description	Tag
276		Cyber Security Basic Law	https://laws.e-gov.go.jp/document?lawid=426AC1000000104	The full text of the Basic Act on Cyber Security can be found here.sss	Japanese Law
277		Act on Prohibition of Unauthorized Computer Access, etc.	https://laws.e-gov.go.jp/document?lawid=411AC0000000128	The full text of the Act on the Prohibition of Unauthorized Computer Access can be found here.sss	Japanese Law
278		Telecommunications Business Law	https://laws.e-gov.go.jp/document?lawid=359AC0000000086	The full text of the Telecommunications Business Law can be found here.The Ministry of Internal Affairs and Communications (MIC) has compiled a PDF of the "Telecommunications Business Law" below.https://www.soumu.go.jp/main_content/000580688.pdfsss	Japanese Law

framework

No	Image	Name	URL	Description	Tag
279		Acunetix	https://www.acunetix.com/	A commercial web application security scanner that helps detect vulnerabilities like SQL injection, XSS, and other web app-specific issues. It offers automated scans and manual testing features.sss	English Web Audit FW Audit
280		Arachni	https://ecsypno.com/pages/arachni-web-application-security-scanner-framework	An open-source, high-performance security scanner for web applications. It’s designed for flexibility and can scan for vulnerabilities like XSS, SQL injection, and remote file inclusion.sss	English Web Audit Tools Open Source
281		Burp Suite	https://portswigger.net/burp	A powerful integrated platform for web application security testing. It provides tools for crawling, scanning, and analyzing web applications to identify vulnerabilities like SQL injection, XSS, and more.sss	English Web Audit Tools Hacking
282		Gophish	https://getgophish.com/	This is an open source phishing framework. It is the perfect tool if you want to conduct targeted email training and education on phishing within your company without incurring any costs.sss	Japanese Tools Targeted Email Attack Training Social engineering
283		IronWASP	https://sboxr.com	A web application security testing platform with a user-friendly GUI. It offers various plugins to help identify and fix security issues in web applications.sss	English Web Audit Tools
284		Nikto	https://cirt.net/Nikto2	A web server scanner that identifies potential security issues and vulnerabilities in web applications, such as outdated software and configuration flaws.sss	English Web Audit Tools
285		OWASP ZAP (Zed Attack Proxy)	https://www.zaproxy.org/	An open-source security testing tool developed by OWASP. It is used for finding security vulnerabilities in web applications during the development and testing phases.sss	English Web Audit Tools Hacking
286		Samurai Web Testing Framework	http://www.samurai-wtf.org/	Web penetration testing virtual machine built on open source software.sss	English Tools Open Source
287		Selenium	https://www.selenium.dev/	A popular framework for automating web browsers. While it’s mainly used for testing the functionality of web applications, it can also be used for security testing by simulating attack patterns.sss	English Tools Open Source
288		Skipfish	https://code.google.com/archive/p/skipfish/	A fast, automated web application security scanner. It uses a lightweight approach to discover vulnerabilities and generate detailed reports.sss	English Web Audit Tools
289		w3af	http://docs.w3af.org/en/latest/index.html	w3af is a complete environment for auditing and exploiting Web applications. This environment provides a solid platform for web vulnerability assessments and penetration tests.sss	English Web Audit Tools
290		Wapiti	https://wapiti.sourceforge.io/	An open-source web application scanner that performs black-box testing to identify vulnerabilities, including SQL injection, XSS, and file disclosure vulnerabilities.sss	English Web Audit Tools Open Source
291		WebScarab	https://wiki.owasp.org/index.php/Category:OWASP_WebScarab_Project	An open-source framework for web application analysis and penetration testing. It allows for intercepting and analyzing HTTP/HTTPS traffic and discovering vulnerabilities.sss	English Web Audit Tools Open Source

vulnerable_site

No	Image	Name	URL	Description	Tag
292		Bad SNS	https://github.com/nishimunea/badsns	This is a site created by Mr.Nishimura of Recruit Technologies using Ruby on Rails.sss	Japanese CTF Education
293		Bad Store	https://www.vulnhub.com/entry/badstore-123,41/	This is a shopping site for vulnerability assessment practice. It is an old application, but basic vulnerability study can be done.sss	English CTF Education
294		bWAPP	http://www.itsecgames.com/	An intentionally vulnerable web application designed to help security professionals practice web application security techniques.sss	English Web Audit Education
295		CTF365	https://www.ctf365.com/	A cybersecurity training platform with Capture The Flag (CTF) challenges that simulate real-world hacking environments.sss	English Hacking CTF Education
296		easybuggy4django	https://github.com/k-tamura/easybuggy4django/	k-tamuraさんが作成したDjangoで作成されたやられサイトです。	Japanese CTF Education
297		HackThisSite	https://www.hackthissite.org/	A free and legal platform to practice web security skills through challenges and missions.sss	English Web Audit Game Audit Education
298		Naumachia	https://www.naumachiactf.com/	This is an open source project that uses Docker to build local networks and vulnerable servers.sss	English CTF Education Pentest Open Source Exploit
299		OWASP Juice Shop	https://owasp.org/www-project-juice-shop/	A modern web application intentionally designed to be insecure for educational purposes, covering a broad range of vulnerabilities.sss	English Hacking CTF Education
300		OWASP Mutillidae 2 Project	https://www.owasp.org/index.php/OWASP_Mutillidae_2_Project	This is a site where you can learn about vulnerabilities and actually attack vulnerabilities. It is easy to build, and I recommend setting it up if you want to learn about vulnerabilities.sss	English CTF Education