App Security
Explore 30 curated tools and resources
LATEST ADDITIONS
Veracode is an intelligent software security platform that helps developers and security teams secure code, find and fix flaws, and automate remediation.
A hosted web application security testing tool that enables security researchers to register, activate their accounts, and scan web applications for vulnerabilities.
A tool for brute-forcing GET and POST parameters to discover potential vulnerabilities in web applications.
A tool for detecting and exploiting vulnerabilities in web applications
AMDH is an Android tool for automating scanning, hardening system settings, detecting malware, and protecting privacy.
Android application for learning about vulnerabilities in modern Android apps and testing pentesting skills.
PCAPdroid is a privacy-friendly app for tracking, analyzing, and blocking network connections on your device.
A framework for exploiting Android-based devices and applications
Extract local data storage of an Android application in one click.
A tool for detecting and exploiting Android application vulnerabilities
Android vulnerability analysis system with efficient scanning and high accuracy.
Introspy-Android is a blackbox tool for understanding Android app behavior and identifying security issues at runtime.
A comprehensive toolkit for web application security testing, offering a range of products and solutions for identifying vulnerabilities and improving security posture.
A vulnerability management tool for macOS that monitors and detects vulnerabilities in over 100 apps.
A demonstration site for the Acunetix Web Vulnerability Scanner, featuring intentionally vulnerable PHP code to test web application security.
A tool that automatically audits website security by crawling an entire website and identifying vulnerabilities
Open source web application security scanner with 200+ vulnerability identification capabilities.
Automated vulnerability discovery tool for Cake PHP framework with limited false positives.
A collection of reports and resources highlighting Android security vulnerabilities and best practices.
DroidBox is a tool for dynamic analysis of Android applications, providing insights into package behavior and security.
A guide to brute forcing DVWA on the high security level with anti-CSRF tokens
A popular free security tool for automatically finding security vulnerabilities in web applications
Repository for apps to be used in Shuffle with compatibility instructions.
A security testing framework for Android with tools to search for vulnerabilities and interact with the Android Runtime.
StaDynA is a system supporting security app analysis in the presence of dynamic code update features.
Runtime Mobile Security (RMS) is a powerful web interface powered by FRIDA for manipulating Android and iOS Apps at Runtime.
Cloud-based service for testing and analyzing Android and iOS apps for malware, vulnerabilities, and security threats.
Python tool for monitoring user-select APIs in Android apps using Frida.
An open-source web application security scanner framework that identifies vulnerabilities in web applications.
PINNED
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Free
Security Operations
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
Free
Blogs and News
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Commercial
Cloud Security
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.
Commercial
AI Security