Top 12 Open-Source Alternatives to HCL AppScan

Product categories

API Discovery API Tools Clean Code Code Analysis Code Collaboration Code Coverage Code Quality Code Review DevSecOps Security Security & Privacy Web Application Security

Summary

The top open-source alternatives to HCL AppScan are SonarQube, Sentinel, and Sqlmap. One of the criteria for ordering this list is the number of mentions that products have on reliable external sources. You can suggest additional sources through the form here.

SonarQube Landing Page
1

SonarQube

SonarQube, a core component of the Sonar solution, is an open source, self-managed tool that systematically helps developers and organizations deliver Clean Code.
Pricing:
- Open Source
- Freemium
- Free Trial
- $150.0 / Annually
#Code Analysis #Code Review #Code Coverage 1 social mentions
Sentinel Landing Page
2

Sentinel

An framework agnostic authentication & authorization library for ≥PHP 5.4.
Pricing:
- Open Source
#Web Application Security #Security & Privacy #Code Collaboration 1 social mentions
Sqlmap Landing Page
3

Sqlmap

sqlmap is an open source penetration testing tool that automates the process of detecting and...
Pricing:
- Open Source
#Web Application Security #Security #Vulnerability Scanner 17 social mentions
Rapid7 Landing Page
4

Rapid7

Find security issues, verify vulnerability mitigations & manage security assessments with Metasploit. Get the world's best penetration testing software now. DownloadPen testing software to act like an attacker.
Pricing:
- Open Source
#Security #Security & Privacy #Monitoring Tools 1 social mentions
SpotBugs Landing Page
5

SpotBugs

Static Application Security Testing (SAST)
Pricing:
- Open Source
#Code Analysis #Code Review #Web Application Security 4 social mentions
Cppcheck Landing Page
6

Cppcheck

Cppcheck is an analysis tool for C/C++ code. It detects the types of bugs that the compilers normally fail to detect. The goal is no false positives. CppCheckDownload cppcheck for free.
Pricing:
- Open Source
#Code Analysis #Code Coverage #Development 10 social mentions
Zed Attack Proxy Landing Page
7

Zed Attack Proxy

The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding...
Pricing:
- Open Source
#Web Application Security #Security #Security & Privacy
StyleCop Landing Page
8

StyleCop

Analyzes C# source code to enforce a set of style and consistency rules. - StyleCop/StyleCop
Pricing:
- Open Source
#Code Analysis #Code Coverage #Code Review
Escape.tech Landing Page
9

Escape.tech

Escape is the only API Security solution that combines the capabilities of API discovery, inventory, and security testing in CI/CD with 70+ security tests for GraphQL & REST APIs
Pricing:
- Open Source
- Paid
- Free Trial
#Web Application Security #Web And Mobile Application Security #API Discovery 12 social mentions
CodeClimate Landing Page
10

CodeClimate

Code Climate provides automated code review for your apps, letting you fix quality and security issues before they hit production. We check every commit, branch and pull request for changes in quality and potential vulnerabilities.
Pricing:
- Open Source
#Code Coverage #Code Quality #Code Analysis 11 social mentions
Dependency-Check Landing Page
11

DC

Dependency-Check

Dependency-Check is a utility that identifies project dependencies and checks if there are any...
Pricing:
- Open Source
#Security #Code Analysis #Web Application Security 16 social mentions
Let's Encrypt Landing Page
12

Let's Encrypt

Let’s Encrypt is a free, automated, and open certificate authority brought to you by the Internet Security Research Group (ISRG).
Pricing:
- Open Source
#Identity And Access Management #Two Factor Authentication #Security & Privacy 312 social mentions