Application Security
Application security tools and solutions for securing web applications, mobile apps, and software throughout the development lifecycle.
Browse 575 application security tools
FEATURED
RELATED TASKS
Package verification tool for npm with various verification and testing capabilities.
Package verification tool for npm with various verification and testing capabilities.
StaDynA is a system supporting security app analysis in the presence of dynamic code update features.
StaDynA is a system supporting security app analysis in the presence of dynamic code update features.
MARA is a Mobile Application Reverse engineering and Analysis Framework with various features for testing mobile applications against OWASP mobile security threats.
MARA is a Mobile Application Reverse engineering and Analysis Framework with various features for testing mobile applications against OWASP mobile security threats.
Gitleaks is a SAST tool for detecting and preventing hardcoded secrets in git repos.
Gitleaks is a SAST tool for detecting and preventing hardcoded secrets in git repos.
A CLI tool that performs security assessments on Joi validator schemas by testing them against various attack vectors including XSS, SQL injection, RCE, and SSRF.
A CLI tool that performs security assessments on Joi validator schemas by testing them against various attack vectors including XSS, SQL injection, RCE, and SSRF.
Web-application vulnerability scanner with extensive coverage of security testing modules.
Web-application vulnerability scanner with extensive coverage of security testing modules.
A Java based HTTP/HTTPS proxy for assessing web application vulnerability with various useful features.
A Java based HTTP/HTTPS proxy for assessing web application vulnerability with various useful features.
Fuzzapi is a Rails application with a user-friendly UI for API_Fuzzer gem and Docker setup.
Fuzzapi is a Rails application with a user-friendly UI for API_Fuzzer gem and Docker setup.
Androwarn performs static analysis of Android applications using Dalvik bytecode examination to detect and report potentially malicious behaviors.
Androwarn performs static analysis of Android applications using Dalvik bytecode examination to detect and report potentially malicious behaviors.
Runtime Mobile Security (RMS) is a powerful web interface powered by FRIDA for manipulating Android and iOS Apps at Runtime.
Runtime Mobile Security (RMS) is a powerful web interface powered by FRIDA for manipulating Android and iOS Apps at Runtime.
JAADAS is a powerful tool for static analysis of Android applications, providing features like API misuse analysis and inter-procedure dataflow analysis.
JAADAS is a powerful tool for static analysis of Android applications, providing features like API misuse analysis and inter-procedure dataflow analysis.
A community website for API security news, vulnerabilities, and best practices
A community website for API security news, vulnerabilities, and best practices
Gamma Ray is a software that helps developers to look for vulnerabilities on their Node.js applications with a pluggable infrastructure for integration with vulnerabilities databases.
Gamma Ray is a software that helps developers to look for vulnerabilities on their Node.js applications with a pluggable infrastructure for integration with vulnerabilities databases.
A command line tool that automates vulnerability scanning of Ruby gems and Rails stack components by identifying CVE vulnerabilities in detected technology versions.
A command line tool that automates vulnerability scanning of Ruby gems and Rails stack components by identifying CVE vulnerabilities in detected technology versions.
Checkov is a static analysis tool that scans infrastructure as code and performs software composition analysis to detect security misconfigurations and vulnerabilities in cloud infrastructure and dependencies.
Checkov is a static analysis tool that scans infrastructure as code and performs software composition analysis to detect security misconfigurations and vulnerabilities in cloud infrastructure and dependencies.
DVHMA is an intentionally vulnerable Android hybrid mobile app built with Apache Cordova for security testing and educational purposes.
DVHMA is an intentionally vulnerable Android hybrid mobile app built with Apache Cordova for security testing and educational purposes.
Python tool for monitoring user-select APIs in Android apps using Frida.
Python tool for monitoring user-select APIs in Android apps using Frida.
Python wrapper for Android APK decompilation with various converter and decompiler options.
Python wrapper for Android APK decompilation with various converter and decompiler options.
An open-source web application security scanner framework that identifies vulnerabilities in web applications.
An open-source web application security scanner framework that identifies vulnerabilities in web applications.
Grafeas is an API specification for managing and auditing metadata about software resources across the software supply chain.
Grafeas is an API specification for managing and auditing metadata about software resources across the software supply chain.
DumpsterDiver analyzes large datasets to detect hardcoded secrets, keys, and passwords using entropy calculations and customizable search rules.
DumpsterDiver analyzes large datasets to detect hardcoded secrets, keys, and passwords using entropy calculations and customizable search rules.
LunaTrace is an open source supply chain security tool that monitors software dependencies for vulnerabilities and integrates with GitHub to notify developers of security issues before deployment.
LunaTrace is an open source supply chain security tool that monitors software dependencies for vulnerabilities and integrates with GitHub to notify developers of security issues before deployment.
Utilize the kernel's CSPRNG for generating crypto keys instead of userspace CSPRNGs to avoid randomness failures.
Utilize the kernel's CSPRNG for generating crypto keys instead of userspace CSPRNGs to avoid randomness failures.
Application Security Tools - FAQ
Common questions about Application Security tools including selection guides, pricing, and comparisons.
Application security tools and solutions for securing web applications, mobile apps, and software throughout the development lifecycle.
