Free
StaCoAn View StaCoAn
BunkerWeb is a next-generation and open-source Web Application Firewall (WAF) with seamless integration and user-friendly customization options.
Application Security
Secure your applications with robust security measures. Protect against vulnerabilities and threats effectively.
Try these 256 AI Application Security Tools
Free
Stowaway View Stowaway
Static security code scanner (SAST) for Node.js applications with Docker support and integrations with Slack.
Free
StepSecurity View StepSecurity
An application security platform that provides runtime threat modeling, vulnerability management, and automated remediation workflows with a focus on identifying exploitable vulnerabilities in production environments.
Free
Subresource Integrity (SRI) View Subresource Integrity (SRI)
Automatically redirect users from www to non-www for a secure connection.
Free
Sucuri Website Firewall (WAF) View Sucuri Website Firewall (WAF)
API Security is a comprehensive solution that provides continuous discovery, vulnerability assessment, threat detection, compliance monitoring, dynamic testing, and remediation capabilities to protect APIs against various threats and vulnerabilities.
Free
SUPER Android Analyzer View SUPER Android Analyzer
Curiefense is an application security platform that protects against various threats and offers community involvement.
Free
Symbiotic Security View Symbiotic Security
DOMPurify is a fast XSS sanitizer for HTML, MathML, and SVG.
Free
Talisman View Talisman
A self-managed static code analysis platform that conducts continuous inspection of codebases to identify security vulnerabilities, bugs, and code quality issues.
Free
TeejLab API Security Manager View TeejLab API Security Manager
A self-managed static code analysis platform that conducts continuous inspection of codebases to identify security vulnerabilities, bugs, and code quality issues.
Free
Tenable Web App Scanning View Tenable Web App Scanning
Backslash Security is an application security platform that uses reachability analysis to enhance SAST and SCA, prioritize vulnerabilities, and provide remediation guidance.
Free
TerraGoat View TerraGoat
Detect users' operating systems and perform redirection with Apache mod_rewrite.
Free
Tetragon View Tetragon
A tool for identifying potential security vulnerabilities in dependency configurations by checking for lingering free namespaces for private package names.
Free
The Matasano Crypto Challenges View The Matasano Crypto Challenges
FlowDroid is a context-, flow-, field-, object-sensitive and lifecycle-aware static taint analysis tool for Android applications.
Free
The Update Framework (TUF) View The Update Framework (TUF)
Goof is a vulnerable Node.js demo application that includes a series of vulnerabilities and exploits
Free
ThreatLocker Platform View ThreatLocker Platform
QIRA is a competitor to strace and gdb with MIT license, supporting Ubuntu and Docker for wider compatibility.
Free
Threatspy View Threatspy
JAADAS is a powerful tool for static analysis of Android applications, providing features like API misuse analysis and inter-procedure dataflow analysis.
Free
timing_attack View timing_attack
An API security and governance platform that provides discovery, security testing, compliance monitoring and lifecycle management capabilities for enterprise API implementations.
Free
Traceable API Security Platform View Traceable API Security Platform
A static code analysis tool for parsing common data formats to detect hardcoded credentials and dangerous functions.
Free
Tracee View Tracee
DerScanner is a comprehensive application security testing platform that combines SAST, DAST, MAST, SCA, and Binary Analysis capabilities with support for on-premises deployment and CI/CD integration.
Free
Tromzo Product Security Operating Platform View Tromzo Product Security Operating Platform
A tool for dynamic analysis of mobile applications in a controlled environment.
Free
UglifyJS 3 View UglifyJS 3
Qwiet AI is an application security platform that combines SAST, SCA, container security, secrets detection, and SBOM scanning with AI-powered vulnerability prioritization and automated fix generation.
Free
URL Redirect from www to non-www View URL Redirect from www to non-www
Static code analyzer for Infrastructure as Code with 500+ security policies and support for various IaC tools and cloud platforms.