Explore the largest curated directory of cybersecurity tools and resources to enhance your security practices. Find the right solution for your domain.

LINKS

Blog Contact

LEGAL

Terms of services Privacy policy

CyberSecTools

CyberSecTools

Explore the largest curated directory of cybersecurity tools and resources to enhance your security practices. Find the right solution for your domain.

LINKS

Blog Contact

LEGAL

Terms of services Privacy policy

Application Security

Essential tools and best practices for securing software applications throughout their lifecycle.Explore 246 curated tools and resources

Search tools and resources by name, description, or purpose... (⌘+K)

All

Free

Commercial

Task

Home
Categories
Application Security

PINNED

OSINTLeak
OSINTLeak is a tool for discovering and analyzing leaked sensitive information across various online sources to identify potential security risks.
2
Commercial
Digital Forensics
Osint
Information Security
Security Tools
Data Breach
Reconnaissance
Security Research
Threat Intelligence
Red Team
Blue Team
Vulnerability Assessment
OSINTLeak
OSINTLeak is a tool for discovering and analyzing leaked sensitive information across various online sources to identify potential security risks.
2
Commercial
Digital Forensics
Osint
Information Security
Security Tools
+7
ImmuniWeb® Discovery
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
0
Commercial
Attack Surface Management
Attack Surface Management
Attack Surface
Continuous Monitoring
Dark Web Monitoring
Cloud Security
Vulnerability Management
Compliance
Third Party Risk
Threat Intelligence
Security Monitoring
ImmuniWeb® Discovery
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
0
Commercial
Attack Surface Management
Attack Surface Management
Attack Surface
Continuous Monitoring
+7
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
1
Commercial
Application Security
Application Security
Dependency Scanning
Vulnerability Management
Software Supply Chain
Open Source
Sbom
Security Scanning
Devsecops
Vulnerability Detection
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
1
Commercial
Application Security
Application Security
Dependency Scanning
Vulnerability Management
+6
Check Point CloudGuard WAF
A cloud-native web application and API security solution that uses contextual AI to protect against known and zero-day threats without signature-based detection.
1
Commercial
Application Security
Web App Security
Api Security
Cloud Security
Waf
Ddos
Bot Detection
Machine Learning
Api Discovery
Threat Prevention
Zero Day
Check Point CloudGuard WAF
A cloud-native web application and API security solution that uses contextual AI to protect against known and zero-day threats without signature-based detection.
1
Commercial
Application Security
Web App Security
Api Security
Cloud Security
+7
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
0
Commercial
Cloud Security
Cloud Security
Cloud Native
Vulnerability Management
Compliance
Container Security
Cloud Compliance
Api Security
Kubernetes Security
Security Monitoring
Security Automation
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
0
Commercial
Cloud Security
Cloud Security
Cloud Native
Vulnerability Management
+7
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
1
Commercial
Application Security
Application Security
Github
Code Security
Static Analysis
Security Automation
Devsecops
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
1
Commercial
Application Security
Application Security
Github
Code Security
+3

LATEST ADDITIONS

Hardened malloc
A security-focused general purpose memory allocator providing the malloc API with hardening against heap corruption vulnerabilities.
0
Free
Application Security
Hardening
Performance
Hardened malloc
A security-focused general purpose memory allocator providing the malloc API with hardening against heap corruption vulnerabilities.
0
Free
Application Security
Hardening
Performance
Damn Vulnerable Web Application (DVWA)
A PHP/MySQL web application designed to aid security professionals in testing their skills and tools in a legal environment.
0
Free
Application Security
Appsec
Appsec Testing
Dvwa
Php
Mysql
Web App Security
Vulnerable Apps
Damn Vulnerable Web Application (DVWA)
A PHP/MySQL web application designed to aid security professionals in testing their skills and tools in a legal environment.
0
Free
Application Security
Appsec
Appsec Testing
Dvwa
+4
Argus-SAF
Argus-SAF is a static analysis framework for security vetting Android applications.
0
Free
Application Security
Static Analysis
Mobile Security
Argus-SAF
Argus-SAF is a static analysis framework for security vetting Android applications.
0
Free
Application Security
Static Analysis
Mobile Security
Anti-Trojan-Source
Detect trojan source attacks that employ unicode bidi attacks to inject malicious code.
0
Free
Application Security
Malware Detection
Anti-Trojan-Source
Detect trojan source attacks that employ unicode bidi attacks to inject malicious code.
0
Free
Application Security
Malware Detection
XSSer
Automatic tool for pentesting XSS attacks against different applications
0
Free
Application Security
Xss
Pentesting
Web App Security
Vulnerability Scanning
Security Research
XSSer
Automatic tool for pentesting XSS attacks against different applications
0
Free
Application Security
Xss
Pentesting
Web App Security
+2
damnvulnerable.me
A deliberately vulnerable modern day app with lots of DOM related bugs
0
Free
Application Security
Appsec
Bug Bounty
Csrf
Penetration Testing
Security Research
Web Security
Xss
damnvulnerable.me
A deliberately vulnerable modern day app with lots of DOM related bugs
0
Free
Application Security
Appsec
Bug Bounty
Csrf
+4
ARM TrustZone
ARM TrustZone provides a secure execution environment for applications on ARM processors.
0
Free
Application Security
Arm
Security
ARM TrustZone
ARM TrustZone provides a secure execution environment for applications on ARM processors.
0
Free
Application Security
Arm
Security
Confused
A tool for identifying potential security vulnerabilities in dependency configurations by checking for lingering free namespaces for private package names.
0
Free
Application Security
Dependency Management
Dependency Scanning
Package Management
Security Audit
Vulnerability Detection
Confused
A tool for identifying potential security vulnerabilities in dependency configurations by checking for lingering free namespaces for private package names.
0
Free
Application Security
Dependency Management
Dependency Scanning
Package Management
+2
PhoneyC
A tool for building and installing PhoneyC with optional Python version configuration and root privileges.
0
Free
Application Security
Binary Security
File Analysis
Reverse Engineering
Binary Analysis
Emulation
PhoneyC
A tool for building and installing PhoneyC with optional Python version configuration and root privileges.
0
Free
Application Security
Binary Security
File Analysis
Reverse Engineering
+2
Androguard
A full python tool for analyzing Android files with various functionalities.
0
Free
Application Security
Dex
Apk
Binary Analysis
File Analysis
Frida
Androguard
A full python tool for analyzing Android files with various functionalities.
0
Free
Application Security
Dex
Apk
Binary Analysis
+2
ModSecurity
ModSecurity is an open-source web application firewall that provides a flexible and scalable way to monitor and control HTTP traffic.
0
Free
Application Security
Web App Security
Waf
Web Application Firewall
Security Rules
ModSecurity
ModSecurity is an open-source web application firewall that provides a flexible and scalable way to monitor and control HTTP traffic.
0
Free
Application Security
Web App Security
Waf
Web Application Firewall
+1
Blankie
A CSP plugin for hapi with per-route configuration options.
0
Free
Application Security
Csp
Hapi
Content Security Policy
Plugin
Security
Blankie
A CSP plugin for hapi with per-route configuration options.
0
Free
Application Security
Csp
Hapi
Content Security Policy
+2
Frida
Dynamic instrumentation toolkit for developers, reverse-engineers, and security researchers.
0
Free
Application Security
Frida
Reverse Engineering
Security Research
Cli Tool
Binary Analysis
Frida
Dynamic instrumentation toolkit for developers, reverse-engineers, and security researchers.
0
Free
Application Security
Frida
Reverse Engineering
Security Research
+2
XSS Polyglot Challenge
XSS Polyglot Challenge - XSS payload running in multiple contexts for testing XSS.
0
Free
Application Security
Xss
Xss Payload
Security Testing
Web Security
XSS Polyglot Challenge
XSS Polyglot Challenge - XSS payload running in multiple contexts for testing XSS.
0
Free
Application Security
Xss
Xss Payload
Security Testing
+1

Application Security

RELATED TASKS

PINNED

OSINTLeak

OSINTLeak

ImmuniWeb® Discovery

ImmuniWeb® Discovery

Checkmarx SCA

Checkmarx SCA

Check Point CloudGuard WAF

Check Point CloudGuard WAF

Orca Security

Orca Security

DryRun

DryRun

LATEST ADDITIONS

Hardened malloc

Hardened malloc

Damn Vulnerable Web Application (DVWA)

Damn Vulnerable Web Application (DVWA)

Argus-SAF

Argus-SAF

Anti-Trojan-Source

Anti-Trojan-Source

XSSer

XSSer

damnvulnerable.me

damnvulnerable.me

ARM TrustZone

ARM TrustZone

Confused

Confused

PhoneyC

PhoneyC

Androguard

Androguard

ModSecurity

ModSecurity

Blankie

Blankie

Frida

Frida

XSS Polyglot Challenge

XSS Polyglot Challenge