DATA VULNERABILITY TOOLS
WPScan is a service that catalogs vulnerabilities in WordPress Core and WordPress plugins and themes. Developers can integrate their non-commercial software with the site’s database using API. Free vulnerability alerts over email are available.
BreachAlarm is a service that scans the Internet for stolen passwords and generates alerts if a password of yours is on the list of credentials compromised in a data breach. Their anonymous service lets you check whether a malicious agent has posted any of your passwords online. Real-time alerting is available.
Rapid7’s vulnerability database comprises about 70,000 vulnerabilities and links them to relevant groups and additional technical documentation. Their other free tools include Injection Cheat Sheet and SQL Injection Cheat Sheet.
CVE Details offers a huge list of known security vulnerabilities. You can browse or search vulnerabilities by vendors and products as well as by date or type. The site assigns a severity score to each vulnerability to help visitors identify the ones that need immediate patching.
BREACH LEVEL INDEX
The service provided by The Breach Level Index tracks publicly disclosed data breaches and offers a risk assessment service. Their Risk Calculator enables you to check your risk score and assess breach level severity.
The NVD is the U.S. government repository of standards based vulnerability management data. The NVD includes databases of security checklist references, security-related software flaws, misconfigurations, product names, and impact metrics.