Escape is the only DAST platform that works with your modern stack and tests business logic instead of missing headers. It is built to make lives of Application Security engineers easier and to fit right into your modern stack, supporting modern web frameworks, APIs, CI/CD, and Wiz without hassle 😉

Document all your APIs & SPAs in minutes and discover vulnerabilities even at a business logic level with ourproprietary AI-powered algorithm.

Yes, we're here to help you prioritize what's critical for your business and win the respect of your development team!

We believe it’s time to bring more AI-driven innovation to cybersecurity, and we'd love your help in building this dream! Want to join our adventure? Check out ourCareers page!

At Escape, alongside our work on application discovery, API security, and Dynamic Application Security Testing (DAST), we've also been developing some fantastic open-source projects. Let us introduce you to all of them 🚀

• API Security Academy, an interactive platform dedicated to helping you learn how to secure #graphql applications.

• Goctopus, a GraphQL endpoint discovery and fingerprinting tool.

• GraphQL wordlist, the only GraphQL wordlist for #pentesting you'll ever need. Operations, field names, type names... It was collected on more than 60k distinct GraphQL schemas.

• GraphQL Armor, a middleware for Apollo GraphQL Server that adds a security layer to any GraphQL endpoint in minutes. It's also compatible with The Guild Software's Envelop universal plugin system.

• GraphMan, a tool that helps you to scaffold a Postman collection for a GraphQL API. Compatible with Postman & Insomnia from Kong Inc.

• Graphinder, a lightweight and blazing-fast GraphQL endpoint finder, making penetration testing on GraphQL much faster

• Mookme, a git hook manager, designed monorepos for dealing with different projects and languages, automated filtering, and ease of configuration and setup.

• PyMultiAuth-Archived, an open-source Python library that allows users to authenticate and reauthenticate automatically.

• We'd be happy to see you at our upcoming virtual events.

• The Elephant in AppSec podcast & virtual event.

• Escape Security Blog: Dive into the world of application security, API security and GraphQL security. Explore performance optimization, testing strategies, and best practices for building secure APIs & SPA! We also share lots of in-depth technical walkthroughs.

• Follow us on LinkedIn to get the latest updates from our team and watch the occasional joke passing by!

• Join our Slack community we're looking forward to welcome you! Ask us questions and share the feedback with others!

• Follow us on X to stay in touch!

• Have any suggestions? Feel free to drop us a line. We're always open to feedback! Don't be shy 😊

Repositories