Application Security
Application security tools and solutions for securing web applications, mobile apps, and software throughout the development lifecycle.
Browse 686 application security tools
FEATURED
RELATED TASKS
A static analysis tool for Android apps that detects malware and other malicious code
A static analysis tool for Android apps that detects malware and other malicious code
A PHP 5.x polyfill for random_bytes() and random_int() created by Paragon Initiative Enterprises.
A PHP 5.x polyfill for random_bytes() and random_int() created by Paragon Initiative Enterprises.
Inspeckage is a dynamic analysis tool for Android applications that provides runtime behavior monitoring through API hooking and real-time system interaction tracking.
Inspeckage is a dynamic analysis tool for Android applications that provides runtime behavior monitoring through API hooking and real-time system interaction tracking.
A curated list documenting open-source projects that incorporate political protests in their software, ranging from messages to conditional malware.
A curated list documenting open-source projects that incorporate political protests in their software, ranging from messages to conditional malware.
ASH is an automated security scanning tool that integrates multiple open-source security scanners to perform preliminary security checks on code, infrastructure, and IAM configurations during development.
ASH is an automated security scanning tool that integrates multiple open-source security scanners to perform preliminary security checks on code, infrastructure, and IAM configurations during development.
A library for generating random numbers and strings of various strengths, useful in security contexts.
A library for generating random numbers and strings of various strengths, useful in security contexts.
Static security code scanner (SAST) for Node.js applications with Docker support and integrations with Slack.
Static security code scanner (SAST) for Node.js applications with Docker support and integrations with Slack.
A plugin for viewing, detecting weak configurations, and generating Content Security Policy headers.
A plugin for viewing, detecting weak configurations, and generating Content Security Policy headers.
A lightweight web security auditing toolkit that simplifies security tasks and enhances productivity.
A lightweight web security auditing toolkit that simplifies security tasks and enhances productivity.
Helm plugin for cryptographically signing and verifying charts with GnuPG integration.
Helm plugin for cryptographically signing and verifying charts with GnuPG integration.
ZAP is an open-source web application security scanner that helps identify vulnerabilities through automated scanning and manual testing capabilities.
ZAP is an open-source web application security scanner that helps identify vulnerabilities through automated scanning and manual testing capabilities.
Lint lockfiles for improved security and trust policies.
Lint lockfiles for improved security and trust policies.
A brute-force protection middleware for express routes that rate-limits incoming requests.
A brute-force protection middleware for express routes that rate-limits incoming requests.
A tool to prevent prototype poisoning in JSON parsing.
A tool to prevent prototype poisoning in JSON parsing.
drozer is an open source Android security testing framework that identifies vulnerabilities in mobile apps and devices through Android Runtime and IPC endpoint interaction.
drozer is an open source Android security testing framework that identifies vulnerabilities in mobile apps and devices through Android Runtime and IPC endpoint interaction.
Package verification tool for npm with various verification and testing capabilities.
Package verification tool for npm with various verification and testing capabilities.
StaDynA is a system supporting security app analysis in the presence of dynamic code update features.
StaDynA is a system supporting security app analysis in the presence of dynamic code update features.
MARA is a Mobile Application Reverse engineering and Analysis Framework with various features for testing mobile applications against OWASP mobile security threats.
MARA is a Mobile Application Reverse engineering and Analysis Framework with various features for testing mobile applications against OWASP mobile security threats.
Gitleaks is a SAST tool for detecting and preventing hardcoded secrets in git repos.
Gitleaks is a SAST tool for detecting and preventing hardcoded secrets in git repos.
A CLI tool that performs security assessments on Joi validator schemas by testing them against various attack vectors including XSS, SQL injection, RCE, and SSRF.
A CLI tool that performs security assessments on Joi validator schemas by testing them against various attack vectors including XSS, SQL injection, RCE, and SSRF.
Web-application vulnerability scanner with extensive coverage of security testing modules.
Web-application vulnerability scanner with extensive coverage of security testing modules.
A Java based HTTP/HTTPS proxy for assessing web application vulnerability with various useful features.
A Java based HTTP/HTTPS proxy for assessing web application vulnerability with various useful features.
Fuzzapi is a Rails application with a user-friendly UI for API_Fuzzer gem and Docker setup.
Fuzzapi is a Rails application with a user-friendly UI for API_Fuzzer gem and Docker setup.
Androwarn performs static analysis of Android applications using Dalvik bytecode examination to detect and report potentially malicious behaviors.
Androwarn performs static analysis of Android applications using Dalvik bytecode examination to detect and report potentially malicious behaviors.
Application Security Tools - FAQ
Common questions about Application Security tools including selection guides, pricing, and comparisons.
Application security tools and solutions for securing web applications, mobile apps, and software throughout the development lifecycle.
