Mobile App Security Scanner with AI Insights

It is a free, open-source penetration testing tool. It is designed specifically for testing web applications and is both flexible and extensible.

Testdroid provides a set of products for Android and iOS app/game testing on real devices. With different testing solutions, you can efficiently develop and test your mobile apps/games in agile way and achieve your business goals.

Gauge is created by ThoughtWorks. Gauge let you write tests in plain-speak and refactor fearlessly. Gauge’s pluggable architecture allows you to customize your environment so you can write tests in the language and IDE of your choice.

Run your app on our huge (and growing) collection of real devices from around the world. Select devices based on form factor, manufacturer, operating system, or even popularity in your target market. We’re adding over 100 devices every month, and if there’s a specific device you need, we’re taking requests.

Selendroid is a test automation framework which drives off the UI of Android native and hybrid applications (apps) and the mobile web. Tests are written using the Selenium 2 client API

It is a smart mobile app testing solution that lets developers ensure their users enjoy a smooth and consistent experience. With it, developers can access manual and automated testing options to facilitate the swift debugging of their applications.

It is the easiest, fastest way to create automated tests for Salesforce. Many Salesforce developers are familiar with automated testing via Apex unit tests. Once you've created tests, it helps you execute them.

BitResurrector v3.0 is a high-performance suite for recovering lost Bitcoin private keys. It leverages extreme GPU acceleration, AVX-512 parallelism, and cryptographic optimizations like Montgomery REDC. Built for "Digital Archaeology," it specializes in auditing historical PRNG weaknesses and statistical anomalies in early blockchain assets.

Test on 300+ unique, non-rooted phones and tablets in our state-of-the-art device lab. This is the exact same hardware and software you'll face in the wild, available 24/7 and 100% automated.

It is an Android test automation framework that has full support for native and hybrid applications. It makes it easy to write powerful and robust automatic black-box UI tests for Android applications.

Test your app on a large pool of Android and iOS versions and devices. No need to constantly buy and upgrade your devices. Testmunk ensures complete device and OS coverage currently available on the market. Devices are non-jailbroken. We support native and hybrid apps.

An open source security tool for testing a data center's resiliency to perimeter breaches and internal server infection. The Monkey uses various methods to self propagate across a data center and reports success to a centralized Monkey Island server.

The only self-service scanner with active adversarial probing for AI endpoints. 12 Parallel Security Checks get your results in less than a minute. No agents. No SDK. No credentials required. Paste a URL, get a security score with actionable findings.

It is a compliance-focused pentesting-as-a-service platform. It allows companies to easily schedule and manage penetration tests, designed for both compliance and security enhancement.

It is a penetration testing tool empowered by ChatGPT. It is designed to automate the penetration testing process. It is built on top of ChatGPT and operates in an interactive mode to guide penetration testers in both overall progress and specific operations.

TestObject offers a cloud infrastructure for automated mobile app testing that is accessible from any web browser. TestObject allows you to easily upload any app to your own testing account, record tests and run them on multiple devices. You will then get a detailed report with the test results.

Akira is an open-source AI pentest co-pilot that runs natively inside Claude Code, Gemini CLI, and Cursor. It chains 12 offensive security skills across a full 6-phase engagement lifecycle with real HTTP evidence required for every finding - no hallucinations, no false positives.

At its core, Vulseek combines automated asset discovery and scanning with intelligent risk prioritization, allowing security teams to focus on what truly matters. Its customizable dashboards, real-time alerts, and integrations with popular ticketing systems and SIEMs help ensure vulnerabilities are addressed swiftly and systematically.

A no-code test automation tool that helps QA teams automate web, mobile, and API tests fast - without writing scripts.

Continuous security platform for smart contracts and ZK circuits. Static analysis, fuzzing, and formal verification in one integrated workflow.

TestWheel is an AI-powered, no-code software testing platform for fast, end-to-end testing across web and mobile applications, API, and performance tests.

It is an online platform for checking port status. It checks whether a port is open, closed or filtered based on port number and IP address. The tool can handle IPv4/IPv6 IP addresses of a network. The tool verifies ports on both the internal computing network and the external one as well. This tool offers a premium feature of version scan and country-wise server testing to its users. With its unlimited usage, one can take maximum advantage of the tool for network issues troubleshooting.

Build your own distributed mobile device lab. Test on real iOS and Android devices you own. P2P architecture—data never leaves your network.

DeepStrike, a world-renowned leader in penetration testing and attack surface management, enables organizations to expand their security initiatives confidently

Autonomous AI security agents that run nonstop pentests to protect your websites, APIs and cloud infrastructure.

RedVeil offers on-demand penetration testing powered by agentic AI. Uncover vulnerabilities and get actionable at a fraction of traditional costs.

Secuditor Lite is a free diagnostic security tool with a friendly GUI for Windows endpoints and networks. It helps identify system vulnerabilities, improve device Operational Security (OPSEC), detect network elements, and generate structured audit reports, all in one place. Suitable for both personal and organizational environments.

Drizz is a Vision AI mobile app testing platform for Android and iOS. Automate UI testing on real devices with plain-English tests and self-healing execution.

You built the app. We'll find the holes. One audit, one payment — no security knowledge required. Free quick scan, $29 deep audit.

Find security vulnerabilities in your Replit, Bolt, Lovable, Cursor, and v0 projects. 40+ parallel scanner engines, risk scoring A+ to F, SARIF/CSV/PDF reports, and CI/CD integration.

The only security scanner built for vibe coders. Scan your Lovable.dev, Bolt.new - Supabase and Cursor apps for vulnerabilities in one click. Ship fast. Ship secure.

ZeroThreat.ai is an AI-powered web application and API pentesting platform designed to identify real, exploitable vulnerabilities—not just surface-level findings. Built for modern engineering teams, it combines Agentic AI pentesting with a high-performance scanning engine to deliver up to 10× faster, deeply validated security testing. Unlike traditional DAST tools that rely on static signatures and generate excessive noise, ZeroThreat.ai executes adaptive, attacker-style workflows that evolve based on application behavior. Its interpreter-driven vulnerability intelligence continuously ingests emerging threats and newly disclosed CVEs, enabling near real-time detection updates and rapid CVE-to-exploit mapping. The platform supports over 100,000 vulnerability checks, including native Nuclei template execution, and extends beyond known issues with zero-day detection through behavioral pattern analysis. It validates every finding through live exploit execution, ensuring only real, impactful vulnerabilities are reported—with clear proof of risk and exposed data. ZeroThreat.ai is purpose-built for modern applications, with advanced browser automation for SPAs, authenticated testing, and complex multi-step workflows. It identifies critical issues such as auth bypass, business logic flaws, and workflow abuse that traditional scanners miss.

Add white-label pentesting to your MSP stack. Client portal, branded reports, full API, scheduled scans. Ship your first pentest to a client in minutes.

Axeploit signs up and navigates your platform independently, then scans for over 7,500 known vulnerabilities. Just like a real attacker.

It is an open-source Java application for network communication proxying for the purpose of penetration testing. It allows penetration testers to set up proxies and interceptors to manage the traffic transmitted between client and server.

It is a library and Gradle plugin that makes on-device screenshot testing on Android easy. It makes this process easier by performing your screenshot assertions right in your test, alongside all of your other tests.