Dynamic Application Security Testing
Dynamic Application Security Testing (DAST) tools for dynamic application security testing that identify vulnerabilities in running web applications and APIs through automated scanning.
Browse 81 dynamic application security testing tools
FEATURED
RELATED TASKS
Enterprise DAST solution for runtime app and API security testing
Enterprise DAST solution for runtime app and API security testing
DAST tool for scanning web apps, microservices, and APIs for vulnerabilities
DAST tool for scanning web apps, microservices, and APIs for vulnerabilities
Black box fuzzer and DAST tool for testing application security
Black box fuzzer and DAST tool for testing application security
Managed web app security scanning service covering OWASP Top 10 vulnerabilities
Managed web app security scanning service covering OWASP Top 10 vulnerabilities
ImmuniWeb® On-Demand is a web application penetration testing platform that combines AI-powered automation with manual security testing to provide comprehensive vulnerability assessments and compliance reporting.
ImmuniWeb® On-Demand is a web application penetration testing platform that combines AI-powered automation with manual security testing to provide comprehensive vulnerability assessments and compliance reporting.
DAST platform for web app & API vulnerability scanning with AI-enabled features
DAST platform for web app & API vulnerability scanning with AI-enabled features
Cloud-based DAST solution for web app & API security with AI-powered scanning
Cloud-based DAST solution for web app & API security with AI-powered scanning
AI-powered AppSec platform for DAST, IAST, API security with auto-remediation
AI-powered AppSec platform for DAST, IAST, API security with auto-remediation
Application monitoring and security platform that provides runtime visibility, threat detection, and automated response capabilities for application-layer security
Application monitoring and security platform that provides runtime visibility, threat detection, and automated response capabilities for application-layer security
AppSec platform with API discovery, CI/CD-native DAST, and risk oversight
AppSec platform with API discovery, CI/CD-native DAST, and risk oversight
DAST platform for API and web app security testing with business logic focus
DAST platform for API and web app security testing with business logic focus
EvoMaster is an AI-driven tool that automatically generates system-level test cases for web APIs and enterprise applications using evolutionary algorithms and dynamic program analysis.
EvoMaster is an AI-driven tool that automatically generates system-level test cases for web APIs and enterprise applications using evolutionary algorithms and dynamic program analysis.
Akamai Client-Side Protection & Compliance is a security tool that monitors and protects against client-side threats on websites, aiding in PCI DSS v4.0 compliance.
Akamai Client-Side Protection & Compliance is a security tool that monitors and protects against client-side threats on websites, aiding in PCI DSS v4.0 compliance.
DAST solution for web apps and APIs with automated scanning capabilities
DAST solution for web apps and APIs with automated scanning capabilities
Node.js Goof is a vulnerable Node.js demo application containing multiple security vulnerabilities for testing and educational purposes.
Node.js Goof is a vulnerable Node.js demo application containing multiple security vulnerabilities for testing and educational purposes.
A tool to find XSS vulnerabilities in web applications
A tool to detect, manage and exploit Blind Cross-site scripting (XSS) vulnerabilities.
A tool to detect, manage and exploit Blind Cross-site scripting (XSS) vulnerabilities.
A fast and simple DOM based XSS vulnerability scanner
Dalfox is an open-source automated XSS scanner that provides customizable scanning profiles and detailed reporting for cross-site scripting vulnerability detection.
Dalfox is an open-source automated XSS scanner that provides customizable scanning profiles and detailed reporting for cross-site scripting vulnerability detection.
InQL is a Burp Suite extension for advanced GraphQL testing and vulnerability detection
InQL is a Burp Suite extension for advanced GraphQL testing and vulnerability detection
DOMdig is a DOM XSS scanner that uses static analysis, dynamic analysis, and fuzz testing to detect and exploit Cross-Site Scripting vulnerabilities in Single Page Applications.
DOMdig is a DOM XSS scanner that uses static analysis, dynamic analysis, and fuzz testing to detect and exploit Cross-Site Scripting vulnerabilities in Single Page Applications.
Femida is a Python automation tool that integrates with Burp Suite to detect blind XSS vulnerabilities in web applications through HTTP request analysis.
Femida is a Python automation tool that integrates with Burp Suite to detect blind XSS vulnerabilities in web applications through HTTP request analysis.
Jaeles is an automated web application testing tool that helps identify vulnerabilities and security issues through customizable testing scenarios.
Jaeles is an automated web application testing tool that helps identify vulnerabilities and security issues through customizable testing scenarios.
A Burp Suite extension that automates XSS vulnerability detection and validation through custom payload generation and response analysis.
A Burp Suite extension that automates XSS vulnerability detection and validation through custom payload generation and response analysis.
Dynamic Application Security Testing Tools - FAQ
Common questions about Dynamic Application Security Testing tools including selection guides, pricing, and comparisons.
Dynamic Application Security Testing (DAST) tools for dynamic application security testing that identify vulnerabilities in running web applications and APIs through automated scanning.
