📋 DAST Tools

PortSwigger Burp Suite

The world's #1 web penetration testing toolkit.

A set of tools for performing security testing of web applications.

For more tool information ➜

Intruder

Stop breaches before they start.

An online vulnerability scanner that finds cybersecurity weaknesses in digital infrastructure.

For more tool information ➜

Astra Pentest

Pentesting as a service, tailored for your industry.

A penetration testing platform that combines automated and manual pentesting to secure web applications, APIs, and cloud infrastructure.

For more tool information ➜

Bright Security

Developer-Centric Dynamic Application Security Testing (DAST)

A DAST solution that integrates into the SDLC to help developers find and fix vulnerabilities early.

For more tool information ➜

Probely

Web Vulnerability Scanning for Dev, Sec, and Ops.

A DAST tool that provides continuous and automated vulnerability scanning for web applications and APIs.

For more tool information ➜

Detectify

Application security testing reimagined.

A cloud-based DAST tool that helps organizations discover, classify, and scan all external assets.

For more tool information ➜

StackHawk

Your AppSec Intelligence Platform

A DAST and API security testing tool built for developers to find and fix security issues in CI/CD.

For more tool information ➜

NowSecure

The Mobile App Security and Privacy Experts

A mobile-first, mobile-only application security and privacy testing platform.

For more tool information ➜

Invicti

The only proof-based application security platform that finds, validates, and prioritizes real vulnerabilities.

Automated application and API security testing solution for enterprise organizations.

For more tool information ➜

OWASP ZAP

The world’s most popular free web security tool.

An open-source web application security scanner.

For more tool information ➜

Veracode

The Application Risk Management Platform

A comprehensive software security platform that provides end-to-end security across the software development lifecycle.

For more tool information ➜

Mend.io

The AI Native AppSec Platform

An enterprise suite of application security tools designed to help organizations manage a proactive AppSec program.

For more tool information ➜

Acunetix

The original automated web application security scanner.

A DAST solution that helps small to mid-size organizations find, fix, and prevent vulnerabilities.

For more tool information ➜

Checkmarx

The leader in enterprise application security solutions.

A unified application security platform that helps organizations secure their applications from code to cloud.

For more tool information ➜

Rapid7 InsightAppSec

Dynamic Application Security Testing (DAST) for modern web applications.

A cloud-native DAST solution that automatically crawls and assesses web applications to identify vulnerabilities.

For more tool information ➜

Qualys Web Application Scanning (WAS)

Modern AppSec for Web App & API Security

A cloud-based AppSec solution providing DAST, API security, and web malware detection.

For more tool information ➜

Synopsys Seeker

Interactive Application Security Testing

An IAST solution that gives visibility into web app security posture and identifies vulnerability trends against compliance standards.

For more tool information ➜

HCL AppScan

Secure DevOps starts with HCL AppScan.

A suite of application security testing tools that helps organizations reduce the risk of web and mobile application attacks.

For more tool information ➜

Micro Focus Fortify WebInspect

Dynamic Application Security Testing

An automated dynamic application security testing (DAST) tool that identifies and prioritizes security vulnerabilities in running applications.

For more tool information ➜

IBM Security AppScan

Application security testing for today's enterprise.

A suite of application security testing tools to identify and remediate vulnerabilities in web, mobile, and API applications.

For more tool information ➜