Free
Damn Vulnerable Web Application (DVWA)
ffufai is an AI-enhanced wrapper for ffuf that automatically suggests file extensions for web fuzzing based on the target URL and headers.
Application Security
Secure your applications with robust security measures. Protect against vulnerabilities and threats effectively.
Try these 256 AI Application Security Tools
Free
Damn Vulnerable Web Services
A tool for detecting capabilities in executable files, providing insights into a program's behavior and potential malicious activities.
Free
damnvulnerable.me
A vulnerable by design infrastructure on Azure featuring the latest released OWASP Top 10 web application security risks (2021) and other misconfigurations.
Free
Data Theorem API Secure
A tool for identifying and extracting parameters from HTTP requests and responses
Free
DECAF++
Threatspy is an application security testing platform that enables developers and security teams to discover, analyze, prioritize, and remediate vulnerabilities in web applications and APIs through an automated end-to-end process.
Free
Deepfactor Application Security Platform
Kiterunner is a tool for lightning-fast traditional content discovery and bruteforcing API endpoints in modern applications.
Free
Dependencies
A self-managed static code analysis platform that conducts continuous inspection of codebases to identify security vulnerabilities, bugs, and code quality issues.
Free
DerScanner
Real-time, eBPF-based Security Observability and Runtime Enforcement component
Free
Dependency Combobulator
Backslash Security is an application security platform that uses reachability analysis to enhance SAST and SCA, prioritize vulnerabilities, and provide remediation guidance.
Free
diff-gui
A static application security testing (SAST) platform that performs comprehensive source code analysis to identify vulnerabilities, malware, and security issues in application code and dependencies.
Free
django-admin-honeypot
Tool to inform about potential risks in project dependencies list.
Free
DOMPurify
A PHP/MySQL web application designed to aid security professionals in testing their skills and tools in a legal environment.
Free
DryRun
An application security platform that provides runtime threat modeling, vulnerability management, and automated remediation workflows with a focus on identifying exploitable vulnerabilities in production environments.
Free
Drltrace
The Contrast Runtime Security Platform is a suite of application security tools that integrates security into the software development lifecycle and production environments, including IAST, SAST, RASP, and SCA capabilities.
Free
DroidRA
StepSecurity is a platform that enhances GitHub Actions security by providing network egress control, risk discovery, action replacement, and security best practices orchestration.
Free
DVTA - Vulnerable Thick Client Application
FlowDroid is a context-, flow-, field-, object-sensitive and lifecycle-aware static taint analysis tool for Android applications.
Free
EoHoneypotBundle
A managed Web Application and API Protection (WAAP) platform that combines WAF, API security, DDoS protection, and bot mitigation with 24/7 monitoring services.
Free
Equixly API Security Platform
An integrated application security platform that combines software composition analysis, container scanning, and runtime security monitoring to identify and prioritize vulnerabilities based on actual usage and risk.
Free
escape
A cloud-native web application and API security solution that uses contextual AI to protect against known and zero-day threats without signature-based detection.
Free
eslint-plugin-anti-trojan-source
A static code analysis tool for parsing common data formats to detect hardcoded credentials and dangerous functions.
Free
EvoMaster
A lightweight web application firewall that protects modern applications and APIs across distributed architectures with integrated DoS protection, bot defense, and DevOps-friendly deployment options.
Free
express-brute
Automatic authorization enforcement detection extension for Burp Suite