Application Security
Essential tools and best practices for securing software applications throughout their lifecycle.Explore 246 curated tools and resources
Search tools and resources by name, description, or purpose... (⌘+K)
RELATED TASKS
PINNED
An AI-powered penetration testing platform that autonomously discovers, exploits, and documents vulnerabilities while generating NIST-compliant reports.
An AI-powered penetration testing platform that autonomously discovers, exploits, and documents vulnerabilities while generating NIST-compliant reports.
A tiered cyber threat intelligence service providing detection rules from public repositories with varying levels of analysis, processing, and guidance for security teams.
A tiered cyber threat intelligence service providing detection rules from public repositories with varying levels of analysis, processing, and guidance for security teams.
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
LATEST ADDITIONS
A static code analysis tool for parsing common data formats to detect hardcoded credentials and dangerous functions.
A static code analysis tool for parsing common data formats to detect hardcoded credentials and dangerous functions.
Utility for comparing control flow graph signatures to Android methods with scanning capabilities for malicious applications.
Utility for comparing control flow graph signatures to Android methods with scanning capabilities for malicious applications.
BunkerWeb is a next-generation and open-source Web Application Firewall (WAF) with seamless integration and user-friendly customization options.
BunkerWeb is a next-generation and open-source Web Application Firewall (WAF) with seamless integration and user-friendly customization options.
ConDroid performs concolic execution of Android apps to observe 'interesting' behavior in dynamic analysis.
ConDroid performs concolic execution of Android apps to observe 'interesting' behavior in dynamic analysis.
ESLint plugin to prevent Trojan Source attacks.
ESLint plugin to prevent Trojan Source attacks.
Identifies misconfigured CloudFront domains vulnerable to hijacking
Identifies misconfigured CloudFront domains vulnerable to hijacking
Python-based web server framework for setting up fake web servers and services with precise data responses.
Python-based web server framework for setting up fake web servers and services with precise data responses.
A deliberately weak and insecure implementation of GraphQL for testing and practicing GraphQL security
A deliberately weak and insecure implementation of GraphQL for testing and practicing GraphQL security
A security feature to prevent unexpected manipulation of fetched resources.
A security feature to prevent unexpected manipulation of fetched resources.
A Rust-based command-line tool for analyzing .apk files to detect vulnerabilities.
A Rust-based command-line tool for analyzing .apk files to detect vulnerabilities.
Curiefense is an application security platform that protects against various threats and offers community involvement.
Curiefense is an application security platform that protects against various threats and offers community involvement.
A Java API for searching and downloading Android applications from Google Play with additional check-in features for generating ANDROID-ID.
A Java API for searching and downloading Android applications from Google Play with additional check-in features for generating ANDROID-ID.
A tool that uses Apache mod_rewrite to redirect invalid URIs to a specified URL
A tool that uses Apache mod_rewrite to redirect invalid URIs to a specified URL