App Security
Browse 27 app security tools
FEATURED
Fix-first AppSec powered by agentic remediation, covering SCA, SAST & secrets.
Fix-first AppSec powered by agentic remediation, covering SCA, SAST & secrets.
Code signing tutorials, validation guides, and DevOps productivity resources
Code signing tutorials, validation guides, and DevOps productivity resources
Mobile security app for Android devices with malware protection & anti-theft
Mobile security app for Android devices with malware protection & anti-theft
Platform for building SuperApps with miniapp containers and dev ecosystems
Platform for building SuperApps with miniapp containers and dev ecosystems
Mobile app security testing platform for Android and iOS apps
Mobile app security testing platform for Android and iOS apps
Runtime protection for web apps and APIs against attacks and threats
Runtime protection for web apps and APIs against attacks and threats
Bot detection and mitigation solution protecting web apps and APIs
Enterprise-scale ML-powered NGFW for data centers and service providers
Enterprise-scale ML-powered NGFW for data centers and service providers
Web application firewall protecting enterprise web apps and APIs
WAF protecting websites and web apps from OWASP Top 10 and zero-day attacks
WAF protecting websites and web apps from OWASP Top 10 and zero-day attacks
Static application security testing tool for source code vulnerability scanning
Static application security testing tool for source code vulnerability scanning
A hosted web application security testing tool that enables security researchers to register, activate their accounts, and scan web applications for vulnerabilities.
A hosted web application security testing tool that enables security researchers to register, activate their accounts, and scan web applications for vulnerabilities.
Needle is a discontinued open source modular framework for iOS application security assessments that was compatible with iOS 9 and iOS 10 before being replaced by Objection.
Needle is a discontinued open source modular framework for iOS application security assessments that was compatible with iOS 9 and iOS 10 before being replaced by Objection.
OVAA is an intentionally vulnerable Android application that aggregates common platform security vulnerabilities for educational and security testing purposes.
OVAA is an intentionally vulnerable Android application that aggregates common platform security vulnerabilities for educational and security testing purposes.
PCAPdroid is a privacy-friendly app for tracking, analyzing, and blocking network connections on your device.
PCAPdroid is a privacy-friendly app for tracking, analyzing, and blocking network connections on your device.
Extract local data storage of an Android application in one click.
Extract local data storage of an Android application in one click.
A comprehensive toolkit for web application security testing, offering a range of products and solutions for identifying vulnerabilities and improving security posture.
A comprehensive toolkit for web application security testing, offering a range of products and solutions for identifying vulnerabilities and improving security posture.
Aptoide is an alternative Android application marketplace that enables APK downloads and metadata retrieval for mobile security research and analysis.
Aptoide is an alternative Android application marketplace that enables APK downloads and metadata retrieval for mobile security research and analysis.
A demonstration site for the Acunetix Web Vulnerability Scanner, featuring intentionally vulnerable PHP code to test web application security.
A demonstration site for the Acunetix Web Vulnerability Scanner, featuring intentionally vulnerable PHP code to test web application security.
A tool that automatically audits website security by crawling an entire website and identifying vulnerabilities
A tool that automatically audits website security by crawling an entire website and identifying vulnerabilities
A collection of security reports and resources documenting various Android application vulnerabilities including hardcoded credentials, insecure deeplinks, and code execution flaws.
A collection of security reports and resources documenting various Android application vulnerabilities including hardcoded credentials, insecure deeplinks, and code execution flaws.
A guide to brute forcing DVWA on the high security level with anti-CSRF tokens
A guide to brute forcing DVWA on the high security level with anti-CSRF tokens
StaDynA is a system supporting security app analysis in the presence of dynamic code update features.
StaDynA is a system supporting security app analysis in the presence of dynamic code update features.
Runtime Mobile Security (RMS) is a powerful web interface powered by FRIDA for manipulating Android and iOS Apps at Runtime.
Runtime Mobile Security (RMS) is a powerful web interface powered by FRIDA for manipulating Android and iOS Apps at Runtime.
