EvoMaster is an AI-driven tool that automatically generates system-level test cases for web and enterprise applications. The tool specializes in fuzzing Web APIs, including REST, GraphQL, and RPC protocols such as gRPC and Thrift. The tool operates in both black-box and white-box testing modes, with enhanced capabilities for JVM-based applications in white-box mode. It utilizes evolutionary algorithms and dynamic program analysis to create comprehensive test suites. EvoMaster generates test cases in multiple formats including JUnit, Python, and JavaScript. The tool can detect application faults and create regression test suites to maintain code quality over time. The tool handles complex scenarios including SQL database interactions and authentication mechanisms. It supports OpenAPI/Swagger schemas for REST API testing, enabling structured and specification-driven test generation. In white-box mode, EvoMaster performs bytecode analysis and applies testability transformations to improve test effectiveness. The tool focuses on improving code coverage and identifying vulnerabilities through systematic testing approaches.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
A technology lookup and lead generation tool that identifies the technology stack of any website and provides features for market research, competitor analysis, and data enrichment.
A brute-force protection middleware for express routes that rate-limits incoming requests.
A source code search engine for searching alphanumeric snippets, signatures, or keywords in web page HTML, JS, and CSS code.
A PHP port of Rack::Honeypot, a spam trap that detects and blocks spambots
ThreatLocker is an enterprise cybersecurity platform that provides comprehensive endpoint protection and zero-trust security to prevent ransomware, viruses, and other malicious software from running on endpoints.
RiskInDroid is a machine learning-based tool that performs quantitative risk analysis of Android applications by reverse engineering bytecode and analyzing permission usage to generate numeric risk scores.
Bearer CLI is a static application security testing tool that scans source code across multiple programming languages to identify and prioritize OWASP Top 10 and CWE Top 25 security vulnerabilities through data flow analysis.
A comprehensive toolkit for web application security testing, offering a range of products and solutions for identifying vulnerabilities and improving security posture.
SearchCode is an extensive code search engine that indexes 75 billion lines of code from millions of projects to help developers find coding examples and libraries.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.