OpenRASP integrates its protection engine directly into the application server through instrumentation, monitoring events including database queries, file operations, and network requests. It takes a context-aware approach, hooking sensitive functions to examine and block inputs, which results in fewer false positives and higher detection rates. It logs detailed stack traces for easier forensic analysis and is not susceptible to malformed protocols. OpenRASP supports various web application servers on Linux platforms.
SIMILAR TOOLS
cwe_checker is a suite of checks to detect common bug classes in ELF binaries using Ghidra for firmware analysis.
An AI-powered API security testing platform that performs continuous vulnerability assessment, attack surface mapping, and compliance monitoring of API endpoints.
Emulates browser functionality to detect exploits targeting browser vulnerabilities.
An insecure web application with multiple vulnerable web service components for learning real-world web service vulnerabilities.
A learning and training project demonstrating common configuration errors in cloud environments.
A privacy-focused CAPTCHA alternative that protects websites from bot attacks using proof-of-work challenges and AI-based detection while maintaining GDPR compliance.
A code scanning tool that detects and prevents secrets like API keys and credentials from being committed to source code repositories.
An API security and governance platform that provides discovery, security testing, compliance monitoring and lifecycle management capabilities for enterprise API implementations.
A free online tool to scan for DOM-based XSS vulnerabilities in HTML, JavaScript, and CSS files.
PINNED

Mandos
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.