Free
F5 Distributed Cloud WAF View F5 Distributed Cloud WAF
A deliberately vulnerable modern day app with lots of DOM related bugs
Application Security
Secure your applications with robust security measures. Protect against vulnerabilities and threats effectively.
Try these 256 AI Application Security Tools
Free
Falco View Falco
OpenRASP directly integrates its protection engine into the application server by instrumentation, providing context-aware protection and detailed stack trace logging.
Free
F5 NGINX App Protect View F5 NGINX App Protect
A developer-first, API-driven platform that provides development teams with a suite of tools to improve code quality, security, and engineering performance, seamlessly integrated into their existing development workflows.
Free
@fastify/csrf-protection View @fastify/csrf-protection
Emulates browser functionality to detect exploits targeting browser vulnerabilities.
Free
@fastify/helmet View @fastify/helmet
Gitleaks is a SAST tool for detecting and preventing hardcoded secrets in git repos.
Free
@fastify/rate-limit View @fastify/rate-limit
An Application Security Posture Management platform that provides visibility, security controls, and automated workflows across the software development lifecycle from code to cloud.
Free
ffufai View ffufai
A comprehensive toolkit for web application security testing, offering a range of products and solutions for identifying vulnerabilities and improving security posture.
Free
FingerprintJS View FingerprintJS
An insecure web application with multiple vulnerable web service components for learning real-world web service vulnerabilities.
Free
flAWS Challenge View flAWS Challenge
A tool for automated HTTP header injection
Free
Firejail View Firejail
A developer-first, API-driven platform that provides development teams with a suite of tools to improve code quality, security, and engineering performance, seamlessly integrated into their existing development workflows.
Free
Fluid Attacks Continuous Hacking View Fluid Attacks Continuous Hacking
A simple, secure framework for building scalable applications
Free
Fnord View Fnord
A fake Django admin login screen to detect and notify admins of attempted unauthorized access
Free
FlowDroid View FlowDroid
A cloud-based web application firewall that provides protection against web attacks, DDoS mitigation, and performance optimization through CDN capabilities.
Free
Ghost Platform View Ghost Platform
Kiterunner is a tool for lightning-fast traditional content discovery and bruteforcing API endpoints in modern applications.
Free
git-secrets View git-secrets
BunkerWeb is a next-generation and open-source Web Application Firewall (WAF) with seamless integration and user-friendly customization options.
Free
Gitleaks View Gitleaks
IronBee is an open source project building a universal web application security sensor.
Free
GoLinkFinder View GoLinkFinder
A simple Swagger-ui scanner that detects old versions vulnerable to various XSS attacks
Free
Google Play Crawler JAVA API View Google Play Crawler JAVA API
A fast and minimal JS endpoint extractor
Free
Grep App View Grep App
Identifies misconfigured CloudFront domains vulnerable to hijacking
Free
Hackazon View Hackazon
Statistical renaming, Type inference, and Deobfuscation tool for JavaScript code.
Free
HackSys Extreme Vulnerable Driver (HEVD) View HackSys Extreme Vulnerable Driver (HEVD)
Scan files for viruses and malware with language-agnostic REST API
Free
Hapi View Hapi
APKiD is a tool that identifies compilers, packers, obfuscators, and other weird stuff in APK files.