The security toolkit
we actually use.
A curated collection of tools, frameworks, and references used by our advisory team. No affiliate links. No sponsored placements. Just the tools that work.
Vulnerability and Security Testing
Analyse the SSL/TLS configuration of any web server. Industry standard for certificate and protocol assessment.
Visit ↗Scan any domain for missing HTTP security headers. Essential for web application security posture.
Visit ↗Open-source web application security scanner used by security professionals worldwide.
Visit ↗Network discovery and security auditing. Industry standard for network scanning and host discovery.
Visit ↗Search engine for internet-connected devices. Used for attack surface discovery and exposure assessment.
Visit ↗Data Breach and Identity
Check if an email address has appeared in known data breaches. Essential for credential monitoring.
Visit ↗Breach monitoring service. Useful for ongoing personal and corporate email monitoring.
Visit ↗Search engine for breached credentials and leaked data. Used in threat intelligence and incident response.
Visit ↗DNS and Email Security
Comprehensive DNS and email security diagnostics. Check SPF, DKIM, DMARC, MX records, and blacklists.
Visit ↗Analyse and monitor DMARC configuration. Essential for protecting your domain from email spoofing.
Visit ↗Global DNS propagation checker. Verify DNS changes have propagated across global resolvers.
Visit ↗Frameworks and Standards
The updated NIST CSF — the most widely adopted security framework globally.
Visit ↗Nigeria Data Protection Act 2023 — official text and NDPC guidelines. Mandatory reading for Nigerian data controllers.
Visit ↗Annotated GDPR text with recitals and article-level commentary. The best free GDPR reference available.
Visit ↗AICPA Trust Services Criteria — the definitive reference for SOC 2 audit requirements.
Visit ↗Prescriptive configuration guides for operating systems, cloud platforms, and applications.
Visit ↗Cloud Security
Open-source cloud security tool for AWS, Azure, and GCP. Checks against CIS benchmarks and compliance frameworks.
Visit ↗Multi-cloud security auditing tool. Assesses cloud infrastructure against security best practices.
Visit ↗Centralised security findings across AWS accounts. Automated checks against CIS AWS Foundations Benchmark.
Visit ↗Security posture measurement for Microsoft 365 and Azure with prioritised improvement recommendations.
Visit ↗Password and Cryptography
Open-source password manager. Recommended for teams needing enterprise-grade credential management.
Visit ↗Local password manager. Ideal for air-gapped environments or organisations with strict data residency requirements.
Visit ↗Browser-based tool for encryption, encoding, and data analysis. Used extensively by security professionals.
Visit ↗Built by Secura Consults
In addition to curating third-party tools, we build our own compliance assessment tools — free and paid.