Loading...

Popular Free Commercial Categories Tasks Blog

CybersecTools

Explore the largest curated directory of cybersecurity tools and resources to enhance your security practices. Find the right solution for your domain.

Operated by:

Mandos Cyber • KVK: 97994448

Netherlands • contact@mandos.io

VAT: NL005301434B12

Copyright © 2025 - All rights reserved

LINKS

LEGAL

Terms of services Privacy policy

Application Security

Essential tools and best practices for securing software applications throughout their lifecycle.Explore 312 curated tools and resources

Search by name, description, or purpose... (⌘+K)

Home
Categories
Application Security

RELATED TASKS

access-management (1)ai (15)ai-security (1)alerting (1)analytics (1)androguard (1)android (20)android-security (17)anti-forensics (1)antivirus (1)

PINNED

Promoted • 6 tools

Commercial

Data Protection

Commercial

Network Security

Commercial

Consulting

Commercial

Application Security

Commercial

Cloud Security

Commercial

Application Security

Want your tool featured here?

Get maximum visibility with pinned placement

LATEST ADDITIONS

PortSwigger
A comprehensive toolkit for web application security testing, offering a range of products and solutions for identifying vulnerabilities and improving security posture.
0
Free
Application Security
Appsec
App Security
Bug Bounty
Compliance
Penetration Testing
Web Application Security
Web Security
PortSwigger
A comprehensive toolkit for web application security testing, offering a range of products and solutions for identifying vulnerabilities and improving security posture.
0
Free
Application Security
Appsec
App Security
Bug Bounty
+4
App Detonator
A tool for dynamic analysis of mobile applications in a controlled environment.
0
Free
Application Security
Appsec
Mobile Security
Dynamic Analysis
Malware Detection
Vulnerability Detection
App Detonator
A tool for dynamic analysis of mobile applications in a controlled environment.
0
Free
Application Security
Appsec
Mobile Security
Dynamic Analysis
+2
FSquaDRA
FSquaDRA detects repackaged Android applications by computing Jaccard similarity over file digests within APK packages using pre-computed signing digests for improved performance.
0
Free
Application Security
Android
Android Security
Mobile Security
Apk
Malware Detection
Application Security
Security Analysis
Java
Static Analysis
Research
FSquaDRA
FSquaDRA detects repackaged Android applications by computing Jaccard similarity over file digests within APK packages using pre-computed signing digests for improved performance.
0
Free
Application Security
Android
Android Security
Mobile Security
+7
Websecurify
Websecurify provides efficient ways to protect organizations with sophisticated technology and expert consultancy.
0
Free
Application Security
Appsec
Security Audit
Websecurify
Websecurify provides efficient ways to protect organizations with sophisticated technology and expert consultancy.
0
Free
Application Security
Appsec
Security Audit
is-website-vulnerable
A command-line tool that scans websites to detect publicly known security vulnerabilities in frontend JavaScript libraries using Snyk's vulnerability database.
0
Free
Application Security
Application Security
Vulnerability Scanning
Javascript
Web Security
Cli
Docker
Github
Vulnerability Detection
Library
is-website-vulnerable
A command-line tool that scans websites to detect publicly known security vulnerabilities in frontend JavaScript libraries using Snyk's vulnerability database.
0
Free
Application Security
Application Security
Vulnerability Scanning
Javascript
+6
@fastify/csrf-protection
A Fastify plugin that provides utilities and middleware to protect web applications against Cross-Site Request Forgery (CSRF) attacks.
0
Free
Application Security
Application Security
Web Security
Csrf
Nodejs
Fastify
Web Application Security
Npm
Javascript
Appsec
@fastify/csrf-protection
A Fastify plugin that provides utilities and middleware to protect web applications against Cross-Site Request Forgery (CSRF) attacks.
0
Free
Application Security
Application Security
Web Security
Csrf
+6
JavaScript Beautifier
Reformat and re-indent bookmarklets, ugly JavaScript, and unpack scripts with options available via UI.
0
Free
Application Security
Javascript
JavaScript Beautifier
Reformat and re-indent bookmarklets, ugly JavaScript, and unpack scripts with options available via UI.
0
Free
Application Security
Javascript
ProbeDroid
Dynamic Java code instrumentation kit for Android applications.
0
Free
Application Security
Java
Instrumentation
Dynamic Analysis
ProbeDroid
Dynamic Java code instrumentation kit for Android applications.
0
Free
Application Security
Java
Instrumentation
Dynamic Analysis
yaramod
Yaramod is a library for parsing YARA rules into AST and building new YARA rulesets with C++ programming interface.
0
Free
Application Security
Yara
Rule Engine
Parser
C
Python
Pip
yaramod
Yaramod is a library for parsing YARA rules into AST and building new YARA rulesets with C++ programming interface.
0
Free
Application Security
Yara
Rule Engine
Parser
+3
N-Stalker
A web security tool that scans for vulnerabilities and known attacks.
0
Free
Application Security
Appsec
Devsecops
Vulnerability Scanning
Web Security
Xss
Sql Injection
N-Stalker
A web security tool that scans for vulnerabilities and known attacks.
0
Free
Application Security
Appsec
Devsecops
Vulnerability Scanning
+3
Kiterunner
Kiterunner is a tool for lightning-fast traditional content discovery and bruteforcing API endpoints in modern applications.
0
Free
Application Security
Bruteforce
Api Security
Kiterunner
Kiterunner is a tool for lightning-fast traditional content discovery and bruteforcing API endpoints in modern applications.
0
Free
Application Security
Bruteforce
Api Security
EoHoneypotBundle
A honeypot trap for Symfony2 forms to reduce spam submissions.
0
Free
Application Security
Honeypot
Spam Prevention
EoHoneypotBundle
A honeypot trap for Symfony2 forms to reduce spam submissions.
0
Free
Application Security
Honeypot
Spam Prevention
Lambda-Proxy
Lambda-Proxy is a utility that enables SQL injection testing of AWS Lambda functions by converting SQLMap HTTP attacks into Lambda invoke calls through a local proxy.
0
Free
Application Security
Application Security
Aws
Lambda
Sql Injection
Penetration Testing
Serverless
Vulnerability Testing
Proxy
Security Testing
Cloud Security
Lambda-Proxy
Lambda-Proxy is a utility that enables SQL injection testing of AWS Lambda functions by converting SQLMap HTTP attacks into Lambda invoke calls through a local proxy.
0
Free
Application Security
Application Security
Aws
Lambda
+7
DOMPurify
DOMPurify is a fast XSS sanitizer for HTML, MathML, and SVG.
0
Free
Application Security
Xss
Security
Javascript
Nodejs
DOMPurify
DOMPurify is a fast XSS sanitizer for HTML, MathML, and SVG.
0
Free
Application Security
Xss
Security
Javascript
+1
Tetragon
Real-time, eBPF-based Security Observability and Runtime Enforcement component
0
Free
Application Security
Ebpf
Kubernetes
File Access
Tetragon
Real-time, eBPF-based Security Observability and Runtime Enforcement component
0
Free
Application Security
Ebpf
Kubernetes
File Access
Cyclops
A browser with XSS detection capabilities
0
Free
Application Security
Xss
Browser
Security Testing
Web Security
Windows
Cyclops
A browser with XSS detection capabilities
0
Free
Application Security
Xss
Browser
Security Testing
+2
Mobile Audit
Mobile Audit is a Docker-based SAST and malware analysis tool that performs comprehensive security analysis of Android APK files, including vulnerability detection, certificate verification, and Virus Total integration.
0
Free
Application Security
Android
Apk
Sast
Malware Analysis
Static Analysis
Mobile Security
Docker
Application Security
Virus Total
Certificate
Mobile Audit
Mobile Audit is a Docker-based SAST and malware analysis tool that performs comprehensive security analysis of Android APK files, including vulnerability detection, certificate verification, and Virus Total integration.
0
Free
Application Security
Android
Apk
Sast
+7
DVTA - Vulnerable Thick Client Application
DVTA is a Vulnerable Thick Client Application with various security vulnerabilities.
0
Free
Application Security
Csharp
Net
Vulnerable App
Sql Injection
DVTA - Vulnerable Thick Client Application
DVTA is a Vulnerable Thick Client Application with various security vulnerabilities.
0
Free
Application Security
Csharp
Net
Vulnerable App
+1
git-all-secrets
A tool that combines multiple open source Git scanning utilities to detect and list secrets stored in Git repositories for security audits and compliance checks.
0
Free
Application Security
Git
Secret Detection
Security Audit
Compliance
Automation
Source Code Analysis
Appsec
Security Scanning
Open Source
Devsecops
git-all-secrets
A tool that combines multiple open source Git scanning utilities to detect and list secrets stored in Git repositories for security audits and compliance checks.
0
Free
Application Security
Git
Secret Detection
Security Audit
+7
Hardened malloc
A security-focused general purpose memory allocator providing the malloc API with hardening against heap corruption vulnerabilities.
0
Free
Application Security
Hardening
Performance
Hardened malloc
A security-focused general purpose memory allocator providing the malloc API with hardening against heap corruption vulnerabilities.
0
Free
Application Security
Hardening
Performance
Damn Vulnerable Web Application (DVWA)
A deliberately vulnerable PHP/MySQL web application designed for security training, testing, and educational purposes in controlled environments.
0
Free
Application Security
Vulnerable App
Educational
Web Application Security
Php
Mysql
Security Training
Penetration Testing
Dvwa
Vulnerable Applications
Appsec Training
Damn Vulnerable Web Application (DVWA)
A deliberately vulnerable PHP/MySQL web application designed for security training, testing, and educational purposes in controlled environments.
0
Free
Application Security
Vulnerable App
Educational
Web Application Security
+7
Argus-SAF
Argus-SAF is a static analysis framework for security vetting Android applications.
0
Free
Application Security
Static Analysis
Mobile Security
Argus-SAF
Argus-SAF is a static analysis framework for security vetting Android applications.
0
Free
Application Security
Static Analysis
Mobile Security
Anti-Trojan-Source
Detect trojan source attacks that employ unicode bidi attacks to inject malicious code.
0
Free
Application Security
Malware Detection
Anti-Trojan-Source
Detect trojan source attacks that employ unicode bidi attacks to inject malicious code.
0
Free
Application Security
Malware Detection
XSSer
Automatic tool for pentesting XSS attacks against different applications
0
Free
Application Security
Xss
Pentesting
Web App Security
Vulnerability Scanning
Security Research
XSSer
Automatic tool for pentesting XSS attacks against different applications
0
Free
Application Security
Xss
Pentesting
Web App Security
+2

Previous
8
9
10
11
12
13
Next