Application Security
Application security tools and solutions for securing web applications, mobile apps, and software throughout the development lifecycle.
Explore 314 curated cybersecurity tools, with 15,390 visitors searching for solutions
FEATURED
Cybercrime intelligence tools for searching compromised credentials from infostealers
Password manager with end-to-end encryption and identity protection features
VPN service providing encrypted internet connections and privacy protection
Fractional CISO services for B2B companies to accelerate sales and compliance
Get Featured
Feature your product and reach thousands of professionals.
RELATED TASKS
ReFlutter is a reverse engineering framework that uses patched Flutter libraries to enable dynamic analysis and traffic monitoring of Flutter mobile applications on Android and iOS platforms.
ReFlutter is a reverse engineering framework that uses patched Flutter libraries to enable dynamic analysis and traffic monitoring of Flutter mobile applications on Android and iOS platforms.
NodeGoat provides an environment to learn and address OWASP Top 10 security risks in Node.js web applications.
NodeGoat provides an environment to learn and address OWASP Top 10 security risks in Node.js web applications.
A security feature to prevent unexpected manipulation of fetched resources.
A security feature to prevent unexpected manipulation of fetched resources.
A command-line Android APK vulnerability analyzer written in Rust that decompresses and scans APK files using rule-based detection to identify security issues.
A command-line Android APK vulnerability analyzer written in Rust that decompresses and scans APK files using rule-based detection to identify security issues.
Curiefense is an application security platform that extends Envoy proxy to protect web applications and APIs against SQL injection, XSS, DDoS, and other common threats.
Curiefense is an application security platform that extends Envoy proxy to protect web applications and APIs against SQL injection, XSS, DDoS, and other common threats.
XGuardian XARA Security Scanner for OSX with URL scheme, Bundle ID, and keychain hijack checks.
XGuardian XARA Security Scanner for OSX with URL scheme, Bundle ID, and keychain hijack checks.
A Java-based API tool for programmatically searching and downloading Android applications from Google Play Store with Galaxy S3 device compatibility.
A Java-based API tool for programmatically searching and downloading Android applications from Google Play Store with Galaxy S3 device compatibility.
A command-line utility for examining Objective-C runtime information in Mach-O files and generating class declarations.
A command-line utility for examining Objective-C runtime information in Mach-O files and generating class declarations.
FlowDroid is a context-, flow-, field-, object-sensitive and lifecycle-aware static taint analysis tool for Android applications.
FlowDroid is a context-, flow-, field-, object-sensitive and lifecycle-aware static taint analysis tool for Android applications.
DroidBox is a dynamic analysis framework for Android applications that monitors runtime behavior, network activity, file operations, and security events while generating behavioral visualizations.
DroidBox is a dynamic analysis framework for Android applications that monitors runtime behavior, network activity, file operations, and security events while generating behavioral visualizations.
A secrets detection tool that scans GitHub, GitLab, and Bitbucket repositories to identify API keys, access tokens, and other sensitive information in source code.
A secrets detection tool that scans GitHub, GitLab, and Bitbucket repositories to identify API keys, access tokens, and other sensitive information in source code.
Integrates static APK analysis with Yara and requires re-compilation of Yara with the androguard module.
Integrates static APK analysis with Yara and requires re-compilation of Yara with the androguard module.
A static analysis tool for Android apps that detects malware and other malicious code
A static analysis tool for Android apps that detects malware and other malicious code
A PHP 5.x polyfill for random_bytes() and random_int() created by Paragon Initiative Enterprises.
A PHP 5.x polyfill for random_bytes() and random_int() created by Paragon Initiative Enterprises.
Inspeckage is a dynamic analysis tool for Android applications that provides runtime behavior monitoring through API hooking and real-time system interaction tracking.
Inspeckage is a dynamic analysis tool for Android applications that provides runtime behavior monitoring through API hooking and real-time system interaction tracking.
A curated list documenting open-source projects that incorporate political protests in their software, ranging from messages to conditional malware.
A curated list documenting open-source projects that incorporate political protests in their software, ranging from messages to conditional malware.
ASH is an automated security scanning tool that integrates multiple open-source security scanners to perform preliminary security checks on code, infrastructure, and IAM configurations during development.
ASH is an automated security scanning tool that integrates multiple open-source security scanners to perform preliminary security checks on code, infrastructure, and IAM configurations during development.
A library for generating random numbers and strings of various strengths, useful in security contexts.
A library for generating random numbers and strings of various strengths, useful in security contexts.
Static security code scanner (SAST) for Node.js applications with Docker support and integrations with Slack.
Static security code scanner (SAST) for Node.js applications with Docker support and integrations with Slack.
A plugin for viewing, detecting weak configurations, and generating Content Security Policy headers.
A plugin for viewing, detecting weak configurations, and generating Content Security Policy headers.
A lightweight web security auditing toolkit that simplifies security tasks and enhances productivity.
A lightweight web security auditing toolkit that simplifies security tasks and enhances productivity.
Helm plugin for cryptographically signing and verifying charts with GnuPG integration.
Helm plugin for cryptographically signing and verifying charts with GnuPG integration.
ZAP is an open-source web application security scanner that helps identify vulnerabilities through automated scanning and manual testing capabilities.
ZAP is an open-source web application security scanner that helps identify vulnerabilities through automated scanning and manual testing capabilities.
Lint lockfiles for improved security and trust policies.
Lint lockfiles for improved security and trust policies.
Application Security Tools - FAQ
Common questions about Application Security tools including selection guides, pricing, and comparisons.
Application security tools and solutions for securing web applications, mobile apps, and software throughout the development lifecycle.
