Application Security
Application security tools and solutions for securing web applications, mobile apps, and software throughout the development lifecycle.
Browse 686 application security tools
FEATURED
RELATED TASKS
DOMPurify is a fast XSS sanitizer for HTML, MathML, and SVG.
DOMPurify is a fast XSS sanitizer for HTML, MathML, and SVG.
Mobile Audit is a Docker-based SAST and malware analysis tool that performs comprehensive security analysis of Android APK files, including vulnerability detection, certificate verification, and Virus Total integration.
Mobile Audit is a Docker-based SAST and malware analysis tool that performs comprehensive security analysis of Android APK files, including vulnerability detection, certificate verification, and Virus Total integration.
A tool that reveals invisible links within JavaScript files
GAUNTLT - Security and Rugged Testing tool
A tool that combines multiple open source Git scanning utilities to detect and list secrets stored in Git repositories for security audits and compliance checks.
A tool that combines multiple open source Git scanning utilities to detect and list secrets stored in Git repositories for security audits and compliance checks.
A security-focused general purpose memory allocator providing the malloc API with hardening against heap corruption vulnerabilities.
A security-focused general purpose memory allocator providing the malloc API with hardening against heap corruption vulnerabilities.
A community effort to compile security advisories for Ruby libraries with a detailed directory structure.
A community effort to compile security advisories for Ruby libraries with a detailed directory structure.
Find leaked credentials by scanning repositories for high entropy strings.
Find leaked credentials by scanning repositories for high entropy strings.
Web-based tool for browsing mobile applications sandbox and previewing SQLite databases.
Web-based tool for browsing mobile applications sandbox and previewing SQLite databases.
Protect against Prototype Pollution vulnerabilities in your application by freezing JavaScript objects.
Protect against Prototype Pollution vulnerabilities in your application by freezing JavaScript objects.
Argus-SAF is a static analysis framework for security vetting Android applications.
Argus-SAF is a static analysis framework for security vetting Android applications.
Detect trojan source attacks that employ unicode bidi attacks to inject malicious code.
Detect trojan source attacks that employ unicode bidi attacks to inject malicious code.
A dependency security scanner that identifies potential supply chain vulnerabilities by checking for available package namespace registrations across Python, JavaScript, PHP, and Maven repositories.
A dependency security scanner that identifies potential supply chain vulnerabilities by checking for available package namespace registrations across Python, JavaScript, PHP, and Maven repositories.
A tool for translating Dalvik bytecode to Java bytecode for analyzing Android applications.
A tool for translating Dalvik bytecode to Java bytecode for analyzing Android applications.
A full python tool for analyzing Android files with various functionalities.
A full python tool for analyzing Android files with various functionalities.
A Burp Suite plugin for automatically adding XSS and SQL payload to fuzz
A Burp Suite plugin for automatically adding XSS and SQL payload to fuzz
w3af is an open source web application security scanner that identifies over 200 types of vulnerabilities including XSS, SQL injection, and OS commanding in web applications.
w3af is an open source web application security scanner that identifies over 200 types of vulnerabilities including XSS, SQL injection, and OS commanding in web applications.
CakeFuzzer is an automated vulnerability discovery tool specifically designed for identifying security issues in CakePHP web applications with minimal false positives.
CakeFuzzer is an automated vulnerability discovery tool specifically designed for identifying security issues in CakePHP web applications with minimal false positives.
A Python-based Burp Suite extension that integrates Yara scanning capabilities for detecting patterns and signatures in web application traffic using custom Yara rules.
A Python-based Burp Suite extension that integrates Yara scanning capabilities for detecting patterns and signatures in web application traffic using custom Yara rules.
A standalone binary inspection tool for Android developers with support for various formats and dependencies.
A standalone binary inspection tool for Android developers with support for various formats and dependencies.
A key and secret validation workflow tool built in Rust, supporting over 30 providers and exporting to JSON or CSV.
A key and secret validation workflow tool built in Rust, supporting over 30 providers and exporting to JSON or CSV.
A static code analysis tool for parsing common data formats to detect hardcoded credentials and dangerous functions.
A static code analysis tool for parsing common data formats to detect hardcoded credentials and dangerous functions.
Application Security Tools - FAQ
Common questions about Application Security tools including selection guides, pricing, and comparisons.
Application security tools and solutions for securing web applications, mobile apps, and software throughout the development lifecycle.
