Application Security
Application security tools and solutions for securing web applications, mobile apps, and software throughout the development lifecycle.
Explore 305 curated cybersecurity tools, with 14,630+ visitors searching for solutions
FEATURED
Password manager with end-to-end encryption and identity protection features
VPN service providing encrypted internet connections and privacy protection
Fractional CISO services for B2B companies to accelerate sales and compliance
Get Featured
Feature your product and reach thousands of professionals.
RELATED TASKS
A pre-commit security tool that scans source code repositories to detect and prevent secrets like API keys, passwords, and credentials from being committed to version control systems.
A pre-commit security tool that scans source code repositories to detect and prevent secrets like API keys, passwords, and credentials from being committed to version control systems.
Obtain GraphQL API schema even if the introspection is disabled
Pre-commit hook for validating outgoing changeset
A Burp Suite extension that formats GraphQL requests for easier reading
A Burp Suite extension that formats GraphQL requests for easier reading
A toolkit for detecting and tracking Blind XSS, XXE, and SSRF vulnerabilities
A toolkit for detecting and tracking Blind XSS, XXE, and SSRF vulnerabilities
JavaScript library scanner and SBOM generator
A free online tool to scan for DOM-based XSS vulnerabilities in HTML, JavaScript, and CSS files.
A free online tool to scan for DOM-based XSS vulnerabilities in HTML, JavaScript, and CSS files.
Insider is an open-source CLI tool that performs static source code analysis to detect OWASP Top 10 vulnerabilities across multiple programming languages including Java, Kotlin, Swift, .NET, C#, and JavaScript.
Insider is an open-source CLI tool that performs static source code analysis to detect OWASP Top 10 vulnerabilities across multiple programming languages including Java, Kotlin, Swift, .NET, C#, and JavaScript.
A sensitive data detection tool for scanning source code repositories
A sensitive data detection tool for scanning source code repositories
Allstar is a GitHub App that continuously monitors repositories and organizations for security policy violations, creating alerts when best practices are not followed.
Allstar is a GitHub App that continuously monitors repositories and organizations for security policy violations, creating alerts when best practices are not followed.
IronBee is an open source web application security sensor framework that provides detection and prevention capabilities for web application vulnerabilities.
IronBee is an open source web application security sensor framework that provides detection and prevention capabilities for web application vulnerabilities.
A Scriptable Android Debugger for reverse engineers and developers.
Hapi is a Node.js web application framework that provides built-in functionality for building scalable server-side applications and APIs with security features and plugin architecture.
Hapi is a Node.js web application framework that provides built-in functionality for building scalable server-side applications and APIs with security features and plugin architecture.
StaCoAn is a cross-platform tool for static code analysis on mobile applications, emphasizing the identification of security vulnerabilities.
StaCoAn is a cross-platform tool for static code analysis on mobile applications, emphasizing the identification of security vulnerabilities.
Track postMessage usage with this Chrome Extension
Track postMessage usage with this Chrome Extension
Needle is a discontinued open source modular framework for iOS application security assessments that was compatible with iOS 9 and iOS 10 before being replaced by Objection.
Needle is a discontinued open source modular framework for iOS application security assessments that was compatible with iOS 9 and iOS 10 before being replaced by Objection.
A Node.js middleware module that automatically enforces HTTPS connections by redirecting HTTP requests to HTTPS URLs in Express.js applications.
A Node.js middleware module that automatically enforces HTTPS connections by redirecting HTTP requests to HTTPS URLs in Express.js applications.
DOM-based XSS vulnerability scanner
A comprehensive Android application analysis tool that provides device management, logcat analysis, file examination, and integration with security frameworks like MobSF and JD-GUI.
A comprehensive Android application analysis tool that provides device management, logcat analysis, file examination, and integration with security frameworks like MobSF and JD-GUI.
AuditJS is a command-line tool that scans JavaScript projects for known vulnerabilities and outdated packages in npm dependencies using the OSS Index API or Nexus IQ Server.
AuditJS is a command-line tool that scans JavaScript projects for known vulnerabilities and outdated packages in npm dependencies using the OSS Index API or Nexus IQ Server.
Automates the process of preparing Android APK files for HTTPS inspection
Automates the process of preparing Android APK files for HTTPS inspection
APKLeaks is a command-line tool that scans Android APK files to identify embedded URIs, endpoints, and secrets for security assessment purposes.
APKLeaks is a command-line tool that scans Android APK files to identify embedded URIs, endpoints, and secrets for security assessment purposes.
An extensible, heuristic-based vulnerability scanning tool for installed npm packages.
An extensible, heuristic-based vulnerability scanning tool for installed npm packages.
SearchCode is an extensive code search engine that indexes 75 billion lines of code from millions of projects to help developers find coding examples and libraries.
SearchCode is an extensive code search engine that indexes 75 billion lines of code from millions of projects to help developers find coding examples and libraries.
