Cyber Security

SAST Tools:

• SonarQube

• Fortify Static Code Analyzer (by OpenText)

• GitHub Advanced Security (CodeQL): 

• Reshift: Focus on JavaScript & TypeScript, CI-first SAST for modern web apps

DAST Tools:

• Burp Suite Pro: Most used, strong for manual + semi-auto DAST, ⭐ 1–3

• Acunetix: Highly automated, user-friendly, fast scanning, good for devs, ⭐ 1–3

• Netsparker (by Invicti): Same vendor as Acunetix, better for enterprise use

• OWASP ZAP: Open-source, strong community, good for small teams, Top 5

• AppScan (HCL): Strong in regulated sectors, enterprise-level, Top 5

• Qualys WAS: Scales well, part of Qualys suite

Simulation Sites:

• TryHackMe

• HackTheBox

• OverTheWrite