Free
URL Redirection
Backslash Security is an application security platform that uses reachability analysis to enhance SAST and SCA, prioritize vulnerabilities, and provide remediation guidance.
Application Security
Secure your applications with robust security measures. Protect against vulnerabilities and threats effectively.
Try these 256 AI Application Security Tools
Free
Veracode
Python-based web server framework for setting up fake web servers and services with precise data responses.
Free
Verisys Antivirus API
JavaScript parser, minifier, compressor, and beautifier toolkit with simplified API and CLI.
Free
WackoPicko Vulnerable Website
Dynamic Java code instrumentation kit for Android applications.
Free
Wallarm API Security Platform
A static analysis tool for Android apps that detects malware and other malicious code
Free
Wappalyzer
A deliberately weak and insecure implementation of GraphQL for testing and practicing GraphQL security
Free
Websecurify
A DevSecOps platform that combines SAST, DAST, SCA, and secret scanning with AI/ML-based analysis for continuous application security testing and vulnerability management.
Free
Webshell-Sniper
A popular free security tool for automatically finding security vulnerabilities in web applications
Free
WhatWeb
A tool that safely installs packages with npm/yarn by auditing them as part of your install process.
Free
Whispers
An automated code security tool that analyzes repositories, identifies vulnerabilities, and generates pull requests with fixes while integrating with existing development workflows.
Free
WP-Smart-Honeypot
A tool that safely installs packages with npm/yarn by auditing them as part of your install process.
Free
WPRecon
A Dynamic Application Security Testing (DAST) platform that provides automated security testing for web applications, APIs, and LLM-powered applications throughout the software development lifecycle.
Free
WPSpider
An API security platform that provides automated discovery, documentation, and continuous security testing throughout the API lifecycle.
Free
XSS Polyglot Challenge
Kiterunner is a tool for lightning-fast traditional content discovery and bruteforcing API endpoints in modern applications.
Free
XSS (Cross Site Scripting) Cheatsheet
Real-time, eBPF-based Security Observability and Runtime Enforcement component
Free
XSSer
A Dynamic Application Security Testing (DAST) platform that provides automated security testing for web applications, APIs, and LLM-powered applications throughout the software development lifecycle.
Free
XSS'OR
An open-source tool for detecting and analyzing Android apps' vulnerabilities and security issues.
Free
xygeni
A Rust-based command-line tool for analyzing .apk files to detect vulnerabilities.
Free
XSSwagger
API security platform that combines discovery, testing, and monitoring capabilities to identify and protect against API vulnerabilities throughout the development lifecycle.
Free
Xtreme Vulnerable Web Application (XVWA)
XSS Polyglot Challenge - XSS payload running in multiple contexts for testing XSS.
Free
Yara-Java
Protect your Fastify server against CSRF attacks with a series of utilities and recommendations for secure application development.
Free
yaramod
This article discusses the different types of remote timing attacks and provides defense strategies against them.
Free
YarG for Yara
An integrated application security platform that combines multiple security scanning tools with developer-focused workflows for automated code and infrastructure security testing.
Free
Yobi
An ASPM platform that provides software supply chain security through risk assessment, prioritization, and protection mechanisms.