Dynamic Application Security Testing Tools
Dynamic Application Security Testing (DAST) tools for dynamic application security testing that identify vulnerabilities in running web applications and APIs through automated scanning.
Browse 90 dynamic application security testing tools
FEATURED
Data verified Apr 2026
USE CASES
90 tools · 35 free, 55 commercial|Related:
Dynamic Application Security Testing Tools FAQ
Common questions about Dynamic Application Security Testing tools, selection guides, pricing, and comparisons.
Use SAST during development to catch coding flaws early (SQL injection, XSS patterns in code). Use DAST to test running applications for runtime vulnerabilities that SAST cannot detect: authentication issues, session management flaws, server misconfigurations, and business logic vulnerabilities. A mature AppSec program uses both, with SAST in CI/CD and DAST in staging/pre-production.
Have more questions? Browse our categories or search for specific tools.
