Application Security
Application security tools and solutions for securing web applications, mobile apps, and software throughout the development lifecycle.
Explore 305 curated cybersecurity tools, with 14,630+ visitors searching for solutions
FEATURED
Password manager with end-to-end encryption and identity protection features
VPN service providing encrypted internet connections and privacy protection
Fractional CISO services for B2B companies to accelerate sales and compliance
Get Featured
Feature your product and reach thousands of professionals.
RELATED TASKS
Original SmaliHook Java source for Android cracking and reversing.
Dependencies is an open-source modern replacement for Dependency Walker that helps Windows developers analyze and troubleshoot DLL load dependency issues.
Dependencies is an open-source modern replacement for Dependency Walker that helps Windows developers analyze and troubleshoot DLL load dependency issues.
A collection of vulnerable web application test cases designed to benchmark and evaluate the effectiveness of static security analyzers and penetration testing tools.
A collection of vulnerable web application test cases designed to benchmark and evaluate the effectiveness of static security analyzers and penetration testing tools.
A security policy enforcement framework for Android applications that uses bytecode rewriting and in-place reference monitoring to inject security controls into APK files.
A security policy enforcement framework for Android applications that uses bytecode rewriting and in-place reference monitoring to inject security controls into APK files.
QARK is a static analysis tool that scans Android applications for security vulnerabilities and can generate proof-of-concept exploits for discovered issues.
QARK is a static analysis tool that scans Android applications for security vulnerabilities and can generate proof-of-concept exploits for discovered issues.
OWASP WrongSecrets is an educational game that teaches proper secrets management by demonstrating common mistakes through interactive challenges across various deployment platforms.
OWASP WrongSecrets is an educational game that teaches proper secrets management by demonstrating common mistakes through interactive challenges across various deployment platforms.
A VM for mobile application security testing, Android and iOS applications, with custom-made tools and scripts.
A VM for mobile application security testing, Android and iOS applications, with custom-made tools and scripts.
Docker file for building Androguard dependencies with an optional interactive shell environment.
Docker file for building Androguard dependencies with an optional interactive shell environment.
DroidRA is an instrumentation-based Android security analysis tool that improves the accuracy of reflective call analysis through composite constant propagation techniques.
DroidRA is an instrumentation-based Android security analysis tool that improves the accuracy of reflective call analysis through composite constant propagation techniques.
A tool that safely installs packages with npm/yarn by auditing them as part of your install process.
A tool that safely installs packages with npm/yarn by auditing them as part of your install process.
Android security virtual machine with updated tools and frameworks for reverse engineering and malware analysis.
Android security virtual machine with updated tools and frameworks for reverse engineering and malware analysis.
A dependency security analysis tool that identifies potential risks in project dependencies including unsafe lock files, installation scripts, obfuscated code, and dangerous shell commands.
A dependency security analysis tool that identifies potential risks in project dependencies including unsafe lock files, installation scripts, obfuscated code, and dangerous shell commands.
A Python script that scans Nexus Repository Manager for artifacts with identical names across repositories to identify dependency confusion attack vulnerabilities.
A Python script that scans Nexus Repository Manager for artifacts with identical names across repositories to identify dependency confusion attack vulnerabilities.
ELFcrypt encrypts ELF binaries with obfuscation and anti-debugging features to protect against reverse engineering.
ELFcrypt encrypts ELF binaries with obfuscation and anti-debugging features to protect against reverse engineering.
A Fastify plugin that implements HTTP security headers through a wrapper around the helmet library to protect web applications from common vulnerabilities.
A Fastify plugin that implements HTTP security headers through a wrapper around the helmet library to protect web applications from common vulnerabilities.
AndroBugs Framework is an Android vulnerability analysis system that scans mobile applications for security vulnerabilities, missing best practices, and dangerous shell commands.
AndroBugs Framework is an Android vulnerability analysis system that scans mobile applications for security vulnerabilities, missing best practices, and dangerous shell commands.
Linux Virtual Machine for Mobile Application Pentesting and Mobile Malware Analysis with various tools and resources.
Linux Virtual Machine for Mobile Application Pentesting and Mobile Malware Analysis with various tools and resources.
idb is a tool that simplifies iOS penetration testing and security research tasks, available in both command line and GUI versions.
idb is a tool that simplifies iOS penetration testing and security research tasks, available in both command line and GUI versions.
GuardDog is a CLI tool that identifies malicious PyPI and npm packages using heuristics-based analysis of source code and metadata.
GuardDog is a CLI tool that identifies malicious PyPI and npm packages using heuristics-based analysis of source code and metadata.
A modular Python tool that obfuscates Android applications by manipulating decompiled smali code, resources, and manifest files without requiring source code access.
A modular Python tool that obfuscates Android applications by manipulating decompiled smali code, resources, and manifest files without requiring source code access.
An Emacs major mode that provides syntax highlighting and enhanced readability for smali code files used in Android malware analysis.
An Emacs major mode that provides syntax highlighting and enhanced readability for smali code files used in Android malware analysis.
A Python tool for patching Dalvik bytecode in DEX files and assisting in Android application analysis
A Python tool for patching Dalvik bytecode in DEX files and assisting in Android application analysis
A comprehensive web application security testing solution that offers built-in vulnerability assessment and management, as well as integration options with popular software development tools.
A comprehensive web application security testing solution that offers built-in vulnerability assessment and management, as well as integration options with popular software development tools.
Identifies 137 malicious npm packages and gathers system information to a remote server.
Identifies 137 malicious npm packages and gathers system information to a remote server.
