Web Application Vulnerability Scanner

The SecApps Scanner is a fully-automated web application security testing technology always available from the comfort of your browser. It is bundled with countless features to scan any web application for a variety of web application security vulnerabilities and attack scenarios.


The SecApps vulnerability scanner incorporates over 60 types of generic tests, capable of detecting everything from severe vulnerabilities, such as SQL Injection, Local File Includes, Expression Injection and XSS, to diverse categories of issues related to Authentication, Session Management and other forms of security best practices. The Scanner is very performant, providing a real-time report of the encountered vulnerabilities, which you can filter based on their severity.

With the Scanner co-pilot feature, a tester can perform a directed scan where the scanning engine will observe the requests made to the application and repeat the steps using intelligent fuzz-testing techniques. This provides a shortcut for quickly testing very complex applications without the need to set up any configuration and automation routines.


The SecApps Scanner offers a fully transparent view of all activities. You can see all attacks happening live and inspect each individual result with the help of the Request/Response transaction viewer. This unprecedented level of transparency with automation tools makes the Scanner the only reliable vulnerability scanning technology for critical infrastructures.

There are no artificial limits on how many web applications can be scanned by the Scanner. With the help of the SecApps companion browser extension you can even test applications behind the corporate firewall without the need for any additional setup.


  • Unlimited scans (no artificial locking)
  • Support for OWASP TOP 10 and WASC
  • Over 60 generic tests (new types of test are added continuously)
  • Test web apps even behind the perimeter firewall without any configuration
  • Detailed reports with deep technical coverage
  • Full, deep inspection of all testing activities
  • Co-pilot mode for human-assistive testing


  • Suitable For Non-commercial Use
  • Limited Features
  • Cloud Storage

Suite Pro

  • Suitable For Commercial Use
  • Unlimited Features
  • Cloud Storage


  • Specifically designed for medium and large Enterprises
  • All Tools, Services, and Plans
  • Single Sign-On Integration, Single Tenant
  • Dedicated Support, Custom Integrations
  • Annual or Monthly, Fixed-cost Billing