Essential tools and best practices for securing software applications throughout their lifecycle. Explore 246 curated tools and resources
An AI-powered penetration testing platform that autonomously discovers, exploits, and documents vulnerabilities while generating NIST-compliant reports.
A tiered cyber threat intelligence service providing detection rules from public repositories with varying levels of analysis, processing, and guidance for security teams.
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
ThreatLocker is an enterprise cybersecurity platform that provides comprehensive endpoint protection and zero-trust security to prevent ransomware, viruses, and other malicious software from running on endpoints.
A brute-force protection middleware for Express routes that rate-limits incoming requests.
Firejail is a SUID sandbox program for restricting the running environment of untrusted applications on Linux.
A tool for detecting capabilities in executable files, providing insights into a program's behavior and potential malicious activities.
Deliberately vulnerable web application for educational purposes.
This article discusses the different types of remote timing attacks and provides defense strategies against them.
Enhance your Android experience with the AMAaaS Agent APK for better performance and improved user experience.
WackoPicko is a vulnerable website with known vulnerabilities, now available as a Docker image and included in the OWASP Broken Web Applications Project.
Emulates browser functionality to detect exploits targeting browser vulnerabilities.
Gitleaks is a SAST tool for detecting and preventing hardcoded secrets in git repos.
IDAPython plugin for generating Yara rules/patterns from x86/x86-64 code through parameterization.
Search engine for open-source Git repositories with advanced features like case sensitivity and regular expressions.
Falco is a cloud native runtime security tool for Linux operating systems that detects and alerts on abnormal behavior and potential security threats in real-time.
A web application security testing platform that helps you test your knowledge on web application security through realistic scenarios with known vulnerabilities.