Application Security
Application security tools and solutions for securing web applications, mobile apps, and software throughout the development lifecycle.
Explore 305 curated cybersecurity tools, with 14,630+ visitors searching for solutions
FEATURED
Password manager with end-to-end encryption and identity protection features
VPN service providing encrypted internet connections and privacy protection
Fractional CISO services for B2B companies to accelerate sales and compliance
Get Featured
Feature your product and reach thousands of professionals.
RELATED TASKS
EvoMaster is an AI-driven tool that automatically generates system-level test cases for web APIs and enterprise applications using evolutionary algorithms and dynamic program analysis.
EvoMaster is an AI-driven tool that automatically generates system-level test cases for web APIs and enterprise applications using evolutionary algorithms and dynamic program analysis.
StepSecurity is a platform that enhances GitHub Actions security by providing network egress control, risk discovery, action replacement, and security best practices orchestration.
StepSecurity is a platform that enhances GitHub Actions security by providing network egress control, risk discovery, action replacement, and security best practices orchestration.
Akamai Client-Side Protection & Compliance is a security tool that monitors and protects against client-side threats on websites, aiding in PCI DSS v4.0 compliance.
Akamai Client-Side Protection & Compliance is a security tool that monitors and protects against client-side threats on websites, aiding in PCI DSS v4.0 compliance.
API Security is a comprehensive solution that provides continuous discovery, vulnerability assessment, threat detection, compliance monitoring, dynamic testing, and remediation capabilities to protect APIs against various threats and vulnerabilities.
API Security is a comprehensive solution that provides continuous discovery, vulnerability assessment, threat detection, compliance monitoring, dynamic testing, and remediation capabilities to protect APIs against various threats and vulnerabilities.
Snyk Code is a real-time SAST tool that provides secure code analysis and actionable remediation advice to prevent code delays and ensure secure development.
Snyk Code is a real-time SAST tool that provides secure code analysis and actionable remediation advice to prevent code delays and ensure secure development.
The Contrast Runtime Security Platform is a suite of application security tools that integrates security into the software development lifecycle and production environments, including IAST, SAST, RASP, and SCA capabilities.
The Contrast Runtime Security Platform is a suite of application security tools that integrates security into the software development lifecycle and production environments, including IAST, SAST, RASP, and SCA capabilities.
Checkmarx One SAST is a static application security testing tool that combines speed and security to improve developer experience.
Checkmarx One SAST is a static application security testing tool that combines speed and security to improve developer experience.
Veracode is an intelligent software security platform that helps developers and security teams secure code, find and fix flaws, and automate remediation.
Veracode is an intelligent software security platform that helps developers and security teams secure code, find and fix flaws, and automate remediation.
Node.js Goof is a vulnerable Node.js demo application containing multiple security vulnerabilities for testing and educational purposes.
Node.js Goof is a vulnerable Node.js demo application containing multiple security vulnerabilities for testing and educational purposes.
Anchore Enterprise is a platform that protects and secures software supply chains end-to-end.
Anchore Enterprise is a platform that protects and secures software supply chains end-to-end.
A CLI tool and Go library for generating a Software Bill of Materials (SBOM) from container images and filesystems.
A CLI tool and Go library for generating a Software Bill of Materials (SBOM) from container images and filesystems.
A developer-first, API-driven platform that provides development teams with a suite of tools to improve code quality, security, and engineering performance, seamlessly integrated into their existing development workflows.
A developer-first, API-driven platform that provides development teams with a suite of tools to improve code quality, security, and engineering performance, seamlessly integrated into their existing development workflows.
VIDOC is an AI-powered security tool that automates code review, detects and fixes vulnerabilities, and monitors external security, ensuring the integrity of both human-written and AI-generated code in software development pipelines.
VIDOC is an AI-powered security tool that automates code review, detects and fixes vulnerabilities, and monitors external security, ensuring the integrity of both human-written and AI-generated code in software development pipelines.
A tool to find XSS vulnerabilities in web applications
A tool to detect, manage and exploit Blind Cross-site scripting (XSS) vulnerabilities.
A tool to detect, manage and exploit Blind Cross-site scripting (XSS) vulnerabilities.
A fast and simple DOM based XSS vulnerability scanner
Dalfox is an open-source automated XSS scanner that provides customizable scanning profiles and detailed reporting for cross-site scripting vulnerability detection.
Dalfox is an open-source automated XSS scanner that provides customizable scanning profiles and detailed reporting for cross-site scripting vulnerability detection.
InQL is a Burp Suite extension for advanced GraphQL testing and vulnerability detection
InQL is a Burp Suite extension for advanced GraphQL testing and vulnerability detection
DOMdig is a DOM XSS scanner that uses static analysis, dynamic analysis, and fuzz testing to detect and exploit Cross-Site Scripting vulnerabilities in Single Page Applications.
DOMdig is a DOM XSS scanner that uses static analysis, dynamic analysis, and fuzz testing to detect and exploit Cross-Site Scripting vulnerabilities in Single Page Applications.
A command-line tool that scans textual data and Git history to identify and locate secrets, API keys, passwords, and other sensitive information.
A command-line tool that scans textual data and Git history to identify and locate secrets, API keys, passwords, and other sensitive information.
Femida is a Python automation tool that integrates with Burp Suite to detect blind XSS vulnerabilities in web applications through HTTP request analysis.
Femida is a Python automation tool that integrates with Burp Suite to detect blind XSS vulnerabilities in web applications through HTTP request analysis.
Jaeles is an automated web application testing tool that helps identify vulnerabilities and security issues through customizable testing scenarios.
Jaeles is an automated web application testing tool that helps identify vulnerabilities and security issues through customizable testing scenarios.
A Burp Suite extension that automates XSS vulnerability detection and validation through custom payload generation and response analysis.
A Burp Suite extension that automates XSS vulnerability detection and validation through custom payload generation and response analysis.
A better version of my xssfinder tool that scans for different types of XSS on a list of URLs.
A better version of my xssfinder tool that scans for different types of XSS on a list of URLs.
