EvoMaster is an AI-driven tool for automatically generating system-level test cases for web and enterprise applications. It focuses on fuzzing Web APIs, including REST, GraphQL, and RPC (e.g., gRPC and Thrift). Key features: 1. Supports both black-box and white-box testing modes 2. Generates test cases in various formats (JUnit, Python, JavaScript) 3. Uses evolutionary algorithms and dynamic program analysis 4. Detects faults and generates regression test suites 5. Handles SQL databases and authentication mechanisms 6. Supports OpenAPI/Swagger schemas for REST APIs EvoMaster can be used for: - Automated API testing - Vulnerability detection - Code coverage improvement - Regression test suite generation The tool is particularly effective for JVM-based applications in white-box mode, offering advanced features like bytecode analysis and testability transformations.
FEATURES
SIMILAR TOOLS
A PHP port of Rack::Honeypot, a spam trap that detects and blocks spambots
A web application security testing platform that helps you test your knowledge on web application security through realistic scenarios with known vulnerabilities.
A security-focused general purpose memory allocator providing the malloc API with hardening against heap corruption vulnerabilities.
A technology lookup and lead generation tool that identifies the technology stack of any website and provides features for market research, competitor analysis, and data enrichment.
A brute-force protection middleware for express routes that rate-limits incoming requests.
QIRA is a competitor to strace and gdb with MIT license, supporting Ubuntu and Docker for wider compatibility.
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
A comprehensive toolkit for web application security testing, offering a range of products and solutions for identifying vulnerabilities and improving security posture.
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.