Loading...
OpenRASP is a free Mobile App Security tool. Security professionals most commonly compare it with ProbeDroid, diff-gui. All 112 alternatives are matched by shared capabilities, tags, and NIST CSF 2.0 coverage.
A closer look at the 8 most relevant alternatives and competitors to OpenRASP, including their key features and shared capabilities.
Dynamic Java code instrumentation kit for Android applications.
A web-based Android application dynamic analysis tool that provides real-time Frida instrumentation capabilities through a Flask interface with modular JavaScript hooking support.
ELFcrypt encrypts ELF binaries with obfuscation and anti-debugging features to protect against reverse engineering.
Mobile security testing platform for Android and iOS apps with SAST and DAST
ImmuniWeb MobileSuite is a mobile application penetration testing platform that combines AI-powered automation with manual security testing to assess mobile apps and their backend infrastructure for security vulnerabilities and compliance requirements.
AI-enhanced mobile app security scanner for Android & iOS with SAST/DAST
Mobile app security testing platform for Android and iOS apps
Mobile app security testing and runtime protection platform
A web-based Android application dynamic analysis tool that provides real-time Frida instrumentation capabilities through a Flask interface with modular JavaScript hooking support.
ELFcrypt encrypts ELF binaries with obfuscation and anti-debugging features to protect against reverse engineering.
Mobile security testing platform for Android and iOS apps with SAST and DAST
ImmuniWeb MobileSuite is a mobile application penetration testing platform that combines AI-powered automation with manual security testing to assess mobile apps and their backend infrastructure for security vulnerabilities and compliance requirements.
AI-enhanced mobile app security scanner for Android & iOS with SAST/DAST
Mobile app security testing platform for Android and iOS apps
Mobile app security testing and runtime protection platform
Unified mobile app security platform with SAST, DAST, and API testing
AI-powered mobile app security platform with SAST, DAST, and API testing
Training course for Android and iOS mobile app security testing and exploitation
Mobile app security testing platform for Android and iOS applications
Mobile app security testing combining vuln assessment, pentesting & forensics
Android app protection tool with obfuscation, encryption, and RASP
Server-side mobile app attestation verifying app integrity and API access
Risk assessment platform for third-party mobile apps in enterprise networks
Android app security validation service for Google Play MASA certification
Automated mobile app security testing platform for iOS and Android apps
Mobile app risk management platform for data security and privacy testing
Mobile app security testing platform for identifying data security risks
Mobile app security solution protecting against reverse engineering & attacks
Mobile app security platform for DevSecOps teams across app lifecycle
Agentic AI platform that automates 400+ security defenses into Android and iOS mobile
Mobile app security platform for enterprises across multiple industries
Codeless mobile app protection platform for Android and iOS applications
Runtime app protection for iOS & Android against tampering & malware
JavaScript obfuscation tool for protecting code from reverse engineering
C# obfuscation & encryption tool for .NET, MAUI, and Xamarin apps
RASP solution securing mobile apps and APIs across Android, iOS, and HarmonyOS at runtime.
AI-powered mobile app security platform with device binding and threat detection
Mobile app threat intelligence platform with cloud-based detection & response
AI-driven mobile app hardening with cryptographic individualization
Mobile app SSL certificate pinning solution with dynamic configuration
Mobile app shielding and in-app protection for mobile applications
Korean cybersecurity firm offering mobile, network, app, and DB security products.
Android app dynamic behavior analysis system using sandbox technology.
Mobile app security audit covering code review, DAST, SAST, and pentesting.
Runtime RASP platform securing Android & iOS apps with no-code deployment.
Binary-level firmware protection for embedded systems, no source code needed.
Ad ecosystem security platform blocking malvertising, redirects & mobile threats.
App hardening platform with RASP, obfuscation, and threat monitoring.
APKLeaks is a command-line tool that scans Android APK files to identify embedded URIs, endpoints, and secrets for security assessment purposes.
APKiD is a tool that identifies compilers, packers, obfuscators, and other weird stuff in APK files.
Web-based tool for browsing mobile applications sandbox and previewing SQLite databases.
Code to prevent a managed .NET debugger/profiler from working.
A Java-based API tool for programmatically searching and downloading Android applications from Google Play Store with Galaxy S3 device compatibility.
AndroBugs Framework is an Android vulnerability analysis system that scans mobile applications for security vulnerabilities, missing best practices, and dangerous shell commands.
An open-source dynamic analysis framework that intercepts and monitors API calls in Android applications using the Android Substrate framework.
A modular Python tool that obfuscates Android applications by manipulating decompiled smali code, resources, and manifest files without requiring source code access.
RiskInDroid is a machine learning-based tool that performs quantitative risk analysis of Android applications by reverse engineering bytecode and analyzing permission usage to generate numeric risk scores.
Integrates static APK analysis with Yara and requires re-compilation of Yara with the androguard module.
A comprehensive Android application analysis tool that provides device management, logcat analysis, file examination, and integration with security frameworks like MobSF and JD-GUI.
iOS Reverse Engineering Toolkit for automating common tasks in iOS penetration testing.
A command-line Android APK vulnerability analyzer written in Rust that decompresses and scans APK files using rule-based detection to identify security issues.
A tool for translating Dalvik bytecode to equivalent Java bytecode, allowing Java analysis tools to analyze Android applications.
Inspeckage is a dynamic analysis tool for Android applications that provides runtime behavior monitoring through API hooking and real-time system interaction tracking.
A tool for extracting static and dynamic features from Android APKs.
A full python tool for analyzing Android files with various functionalities.
A security checklist based on OWASP standards that provides comprehensive guidelines for designing, testing, and releasing secure Android applications.
Python wrapper for Android APK decompilation with various converter and decompiler options.
idb is a tool that simplifies iOS penetration testing and security research tasks, available in both command line and GUI versions.
CFGScanDroid is a Java utility that compares control flow graph signatures to Android method control flow graphs for malicious application detection.
AppMon is a Frida-based automated framework for monitoring and tampering with system API calls across macOS, iOS, and Android applications.
Docker file for building Androguard dependencies with an optional interactive shell environment.
A command-line tool for downloading Android APK files from the Appland platform via npm installation.
An unofficial Python API that enables programmatic searching, browsing, and downloading of Android apps from Google Play Store.
A lightweight library for device identification and fingerprinting, written in Kotlin and 100% crash-free.
A standalone binary inspection tool for Android developers with support for various formats and dependencies.
A Python tool for patching Dalvik bytecode in DEX files and assisting in Android application analysis
A tool for translating Dalvik bytecode to Java bytecode for analyzing Android applications.
CuckooDroid extends Cuckoo Sandbox to provide automated dynamic analysis of Android applications in a controlled sandbox environment.
A deliberately vulnerable Android application containing multiple security flaws designed for educational purposes and security training.
QARK is a static analysis tool that scans Android applications for security vulnerabilities and can generate proof-of-concept exploits for discovered issues.
DVHMA is an intentionally vulnerable Android hybrid mobile app built with Apache Cordova for security testing and educational purposes.
One stop shop for decompiling Android apps with a focus on regenerating R references.
Runtime Mobile Security (RMS) is a powerful web interface powered by FRIDA for manipulating Android and iOS Apps at Runtime.
Androwarn performs static analysis of Android applications using Dalvik bytecode examination to detect and report potentially malicious behaviors.
Mobile Audit is a Docker-based SAST and malware analysis tool that performs comprehensive security analysis of Android APK files, including vulnerability detection, certificate verification, and Virus Total integration.
drozer is an open source Android security testing framework that identifies vulnerabilities in mobile apps and devices through Android Runtime and IPC endpoint interaction.
Needle is a discontinued open source modular framework for iOS application security assessments that was compatible with iOS 9 and iOS 10 before being replaced by Objection.
House: A runtime mobile application analysis toolkit with a Web GUI, powered by Frida, written in Python.
Linux Virtual Machine for Mobile Application Pentesting and Mobile Malware Analysis with various tools and resources.
XGuardian XARA Security Scanner for OSX with URL scheme, Bundle ID, and keychain hijack checks.
InsecureShop is an intentionally vulnerable Android application built in Kotlin for educating developers and security professionals about mobile app vulnerabilities and penetration testing techniques.
DroidBox is a dynamic analysis framework for Android applications that monitors runtime behavior, network activity, file operations, and security events while generating behavioral visualizations.
Redexer is a reengineering tool that parses, analyzes, and modifies Android DEX files for binary manipulation and permission analysis.
ReFlutter is a reverse engineering framework that uses patched Flutter libraries to enable dynamic analysis and traffic monitoring of Flutter mobile applications on Android and iOS platforms.
Tools for working with Android .dex and Java .class files, including dex-reader/writer, d2j-dex2jar, and smali/baksmali.
Innovative tool for mobile security researchers to analyze targets with static and dynamic analysis capabilities and sharing functionalities.
Andromeda makes reverse engineering of Android applications faster and easier.
Runtime mobile exploration toolkit powered by Frida for assessing mobile app security without jailbreak.
Android security virtual machine with updated tools and frameworks for reverse engineering and malware analysis.
Automates the process of preparing Android APK files for HTTPS inspection
An Emacs major mode that provides syntax highlighting and enhanced readability for smali code files used in Android malware analysis.
MARA is a Mobile Application Reverse engineering and Analysis Framework with various features for testing mobile applications against OWASP mobile security threats.
A security policy enforcement framework for Android applications that uses bytecode rewriting and in-place reference monitoring to inject security controls into APK files.
FSquaDRA detects repackaged Android applications by computing Jaccard similarity over file digests within APK packages using pre-computed signing digests for improved performance.
StaDynA is a system supporting security app analysis in the presence of dynamic code update features.
App-Ray offers comprehensive security analysis and compliance solutions for mobile applications.
Cloud-based service for testing and analyzing Android and iOS apps for malware, vulnerabilities, and security threats.
A command-line utility for examining Objective-C runtime information in Mach-O files and generating class declarations.
A tool for dynamic analysis of mobile applications in a controlled environment.
A VM for mobile application security testing, Android and iOS applications, with custom-made tools and scripts.
An open-source tool for detecting and analyzing Android apps' vulnerabilities and security issues.
Common questions security professionals ask when evaluating alternatives and competitors to OpenRASP.
The most popular alternatives to OpenRASP include ProbeDroid, diff-gui, ELFcrypt, Ostorlab Mobile Security, and ImmuniWeb® MobileSuite. These Mobile App Security tools offer similar capabilities and are frequently compared by security professionals evaluating their options.
