Application Security
Application security tools and solutions for securing web applications, mobile apps, and software throughout the development lifecycle.
Explore 314 curated cybersecurity tools, with 15,390 visitors searching for solutions
FEATURED
Cybercrime intelligence tools for searching compromised credentials from infostealers
Password manager with end-to-end encryption and identity protection features
VPN service providing encrypted internet connections and privacy protection
Fractional CISO services for B2B companies to accelerate sales and compliance
Get Featured
Feature your product and reach thousands of professionals.
RELATED TASKS
A fast and simple DOM based XSS vulnerability scanner
Dalfox is an open-source automated XSS scanner that provides customizable scanning profiles and detailed reporting for cross-site scripting vulnerability detection.
Dalfox is an open-source automated XSS scanner that provides customizable scanning profiles and detailed reporting for cross-site scripting vulnerability detection.
InQL is a Burp Suite extension for advanced GraphQL testing and vulnerability detection
InQL is a Burp Suite extension for advanced GraphQL testing and vulnerability detection
DOMdig is a DOM XSS scanner that uses static analysis, dynamic analysis, and fuzz testing to detect and exploit Cross-Site Scripting vulnerabilities in Single Page Applications.
DOMdig is a DOM XSS scanner that uses static analysis, dynamic analysis, and fuzz testing to detect and exploit Cross-Site Scripting vulnerabilities in Single Page Applications.
A command-line tool that scans textual data and Git history to identify and locate secrets, API keys, passwords, and other sensitive information.
A command-line tool that scans textual data and Git history to identify and locate secrets, API keys, passwords, and other sensitive information.
Femida is a Python automation tool that integrates with Burp Suite to detect blind XSS vulnerabilities in web applications through HTTP request analysis.
Femida is a Python automation tool that integrates with Burp Suite to detect blind XSS vulnerabilities in web applications through HTTP request analysis.
Jaeles is an automated web application testing tool that helps identify vulnerabilities and security issues through customizable testing scenarios.
Jaeles is an automated web application testing tool that helps identify vulnerabilities and security issues through customizable testing scenarios.
A Burp Suite extension that automates XSS vulnerability detection and validation through custom payload generation and response analysis.
A Burp Suite extension that automates XSS vulnerability detection and validation through custom payload generation and response analysis.
A better version of my xssfinder tool that scans for different types of XSS on a list of URLs.
A better version of my xssfinder tool that scans for different types of XSS on a list of URLs.
A pre-commit security tool that scans source code repositories to detect and prevent secrets like API keys, passwords, and credentials from being committed to version control systems.
A pre-commit security tool that scans source code repositories to detect and prevent secrets like API keys, passwords, and credentials from being committed to version control systems.
Obtain GraphQL API schema even if the introspection is disabled
Pre-commit hook for validating outgoing changeset
A Burp Suite extension that formats GraphQL requests for easier reading
A Burp Suite extension that formats GraphQL requests for easier reading
A toolkit for detecting and tracking Blind XSS, XXE, and SSRF vulnerabilities
A toolkit for detecting and tracking Blind XSS, XXE, and SSRF vulnerabilities
JavaScript library scanner and SBOM generator
A free online tool to scan for DOM-based XSS vulnerabilities in HTML, JavaScript, and CSS files.
A free online tool to scan for DOM-based XSS vulnerabilities in HTML, JavaScript, and CSS files.
Insider is an open-source CLI tool that performs static source code analysis to detect OWASP Top 10 vulnerabilities across multiple programming languages including Java, Kotlin, Swift, .NET, C#, and JavaScript.
Insider is an open-source CLI tool that performs static source code analysis to detect OWASP Top 10 vulnerabilities across multiple programming languages including Java, Kotlin, Swift, .NET, C#, and JavaScript.
A sensitive data detection tool for scanning source code repositories
A sensitive data detection tool for scanning source code repositories
Allstar is a GitHub App that continuously monitors repositories and organizations for security policy violations, creating alerts when best practices are not followed.
Allstar is a GitHub App that continuously monitors repositories and organizations for security policy violations, creating alerts when best practices are not followed.
IronBee is an open source web application security sensor framework that provides detection and prevention capabilities for web application vulnerabilities.
IronBee is an open source web application security sensor framework that provides detection and prevention capabilities for web application vulnerabilities.
A Scriptable Android Debugger for reverse engineers and developers.
Hapi is a Node.js web application framework that provides built-in functionality for building scalable server-side applications and APIs with security features and plugin architecture.
Hapi is a Node.js web application framework that provides built-in functionality for building scalable server-side applications and APIs with security features and plugin architecture.
StaCoAn is a cross-platform tool for static code analysis on mobile applications, emphasizing the identification of security vulnerabilities.
StaCoAn is a cross-platform tool for static code analysis on mobile applications, emphasizing the identification of security vulnerabilities.
Track postMessage usage with this Chrome Extension
Track postMessage usage with this Chrome Extension
Application Security Tools - FAQ
Common questions about Application Security tools including selection guides, pricing, and comparisons.
Application security tools and solutions for securing web applications, mobile apps, and software throughout the development lifecycle.
