Free
F5 Distributed Cloud WAF
A deliberately vulnerable modern day app with lots of DOM related bugs
Application Security
Secure your applications with robust security measures. Protect against vulnerabilities and threats effectively.
Try these 256 AI Application Security Tools
Free
Falco
OpenRASP directly integrates its protection engine into the application server by instrumentation, providing context-aware protection and detailed stack trace logging.
Free
F5 NGINX App Protect
A developer-first, API-driven platform that provides development teams with a suite of tools to improve code quality, security, and engineering performance, seamlessly integrated into their existing development workflows.
Free
@fastify/csrf-protection
Emulates browser functionality to detect exploits targeting browser vulnerabilities.
Free
@fastify/helmet
Gitleaks is a SAST tool for detecting and preventing hardcoded secrets in git repos.
Free
@fastify/rate-limit
An Application Security Posture Management platform that provides visibility, security controls, and automated workflows across the software development lifecycle from code to cloud.
Free
ffufai
A comprehensive toolkit for web application security testing, offering a range of products and solutions for identifying vulnerabilities and improving security posture.
Free
FingerprintJS
An insecure web application with multiple vulnerable web service components for learning real-world web service vulnerabilities.
Free
Firejail
A developer-first, API-driven platform that provides development teams with a suite of tools to improve code quality, security, and engineering performance, seamlessly integrated into their existing development workflows.
Free
Fluid Attacks Continuous Hacking
A simple, secure framework for building scalable applications
Free
Fnord
A fake Django admin login screen to detect and notify admins of attempted unauthorized access
Free
FlowDroid
A cloud-based web application firewall that provides protection against web attacks, DDoS mitigation, and performance optimization through CDN capabilities.
Free
Ghost Platform
Kiterunner is a tool for lightning-fast traditional content discovery and bruteforcing API endpoints in modern applications.
Free
git-secrets
BunkerWeb is a next-generation and open-source Web Application Firewall (WAF) with seamless integration and user-friendly customization options.
Free
Gitleaks
IronBee is an open source project building a universal web application security sensor.
Free
GoLinkFinder
A simple Swagger-ui scanner that detects old versions vulnerable to various XSS attacks
Free
Free
Hackazon
Statistical renaming, Type inference, and Deobfuscation tool for JavaScript code.
Free
HackSys Extreme Vulnerable Driver (HEVD)
Scan files for viruses and malware with language-agnostic REST API
Free
Hapi
APKiD is a tool that identifies compilers, packers, obfuscators, and other weird stuff in APK files.