Dynamic Analysis
Perform useful dynamic analysis to your applications and projects on the run
Last updated
Was this helpful?
Perform useful dynamic analysis to your applications and projects on the run
Last updated
Was this helpful?
Dynamic Application Security Testing (DAST) is another testing method that uses a black-box approach, assuming the testers donβt have access or knowledge of the applicationβs source code or its inner functionality. They test the application from outside using the available outputs and inputs [1].
(): curated list of dynamic analysis tools and linters for all programming languages, binaries, and more.
Veracode offers intelligent software security to continuously find and fix flaws at every stage of the modern software development lifecycle.
Demo must be requested...
More info:
: Scan hundreds of web applications and APIs simultaneously. Leverage a dynamic analysis tool with a low false-positive rate to make it easy for security and development teams to understand what matters most. Empower the Team.
Other solutions/products & services can be found in the official page.
invicti is a well-known enterprise with a "Application Security Testing" product that provides "Application security with zero noise".
Free trial
Other paid plans (Pro and Enterprise)
invicti (cloud or on-premises):
Automate security throughout your SDLC
See the complete picture of your app security
Find the vulnerabilities other tools miss
Manage risk like a team 10x your size
Prevent vulnerabilities by producing more secure code
Seamlessly integrate with your current systems
Probely is a well-known enterprise with a "Web application and API vulnerability scanner" product for several purposes.
Free "lite plan"
Other paid plans (Pro and Enterprise)
Probely:
Web Application Vulnerability Scanner
API Vulnerability Scanner
DevOps-Centric
Relevant Findings
CI/CD Integration
Compliance: PCI-DSS, OWASP TOP 10, ISO27001, HIPAA, and GDPR standards
Next-Generation Spider
Free trial
Request a demo or talk with sales...
AppScan on Cloud:
A comprehensive, cloud-based application security solution that provides the speed and accuracy of AppScan in a powerful, easy to consume service.
AppScan Enterprise:
Perform large scale application scanning, mitigate vulnerabilities, and achieve regulatory compliance.
AppScan Standard:
Identify, understand and remediate application vulnerabilities.
AppScan Source:
Identify and remediate security vulnerabilities early in the development cycle using static application security testing.
Request a demo or talk with sales...
Demo: https://www.synopsys.com/software-integrity/security-testing/dast/demo.html
Sales: https://www.synopsys.com/software-integrity/security-testing/dast/get-pricing.html
WhiteHat Dynamic:
Verify coverage of the OWASP Top 10
Get verified and actionable results with near-zero false positives
Find the vulnerabilities in your applications
Cloud-based
Production safe
Always on
Powered by AI
Official page: https://www.synopsys.com/software-integrity/security-testing/dast.html
Official page:
More info:
Official page:
More info:
Official page:
AppScan from is a market-leading application security solutions (SAST, DAST, IAST, SCA, API).
More info:
Official page:
WhiteHat Dynamic from is part of the WhiteHat Application Security Platform. Dynamic application security scanner that covers the OWASP Top 10.
More info:
(by invicti): Acunetix is a web vulnerability solution for securing your websites, web applications, and APIs.
(by opentext): Integrated dynamic application security testing (DAST) tools with the breadth of coverage needed to support modern applications.
Qualys (): A command-line reference-implementation client for SSL Labs APIs, designed for automated and/or bulk testing.
(): open-source policy-as-code software that provides analysis for Multi-Cloud and SaaS environments, you can get insight with natural language (powered by OpenAI).
Palo Alto Networks - : Cloud-Native Application Protection Platform (CNAPP). Secures applications from code to cloud, enabling security and DevOps teams to effectively collaborate to accelerate secure cloud-native application development and deployment.
(web): quickly and easily assess the security of your HTTP response headers.
PortSwigger :
(): one of the worldβs most popular free security tools and is actively maintained by a dedicated international team of volunteers.
ClickJacker - : tests, quick PoCs, tutorials and docs about clickjacking.
: Visual Attack Surface & HTTP Probe on your fingertips.
Imperva (β οΈ): customizable API attack tool takes an API specification as an input, generates and runs attacks that are based on it as an output.
() (β οΈ): a ruggedization framework that embodies the principle "be mean to your code".
(β οΈ): discover internet-wide misconfigurations. Verify your assets are not blindly open.
[1]: