Tracy Logo

Tracy

0
Free
Visit Website

A tool designed to assist with finding all sinks and sources of a web application and display these results in a digestible manner. It helps to identify potential security vulnerabilities in a web application by analyzing its code and identifying potential entry and exit points. Tracy provides a detailed report of the findings, making it easier for developers to understand and fix the issues.

FEATURES

ALTERNATIVES

Automatic authorization enforcement detection extension for Burp Suite

DOMPurify is a fast XSS sanitizer for HTML, MathML, and SVG.

A security-focused general purpose memory allocator providing the malloc API with hardening against heap corruption vulnerabilities.

A self-managed static code analysis platform that conducts continuous inspection of codebases to identify security vulnerabilities, bugs, and code quality issues.

Goof is a vulnerable Node.js demo application that includes a series of vulnerabilities and exploits

Revelo is an experimental Javascript deobfuscator tool with features to analyze and deobfuscate Javascript code.

A Dynamic Application Security Testing (DAST) platform that provides automated security testing for web applications, APIs, and LLM-powered applications throughout the software development lifecycle.

Detect trojan source attacks that employ unicode bidi attacks to inject malicious code.