AppCheck is a DAST platform that started life as an internal tool for penetration testers at SEC-1, now part of the Claranet Group. That origin shows in the product: it combines OSINT reconnaissance with browser-based crawling and dynamic fuzzing rather than relying on signature matching alone.
The platform scans web applications, APIs, and infrastructure using browser-based crawling and OSINT reconnaissance. The vendor is ISO 27001:2022 certified and based in the UK.
Key Features
Vulnerability coverage: 100,000+ known security flaws
Crawling engine: Real browser rendering (handles SPAs, AJAX, WebSockets)
Uses a real browser engine to render pages, execute JavaScript, and interact with SPAs built on React, Angular, or Vue. Finds endpoints that traditional HTTP-parsing crawlers miss entirely.
OSINT Reconnaissance
Before active scanning starts, AppCheck gathers intelligence on the target: subdomain enumeration, technology stack fingerprinting, certificate transparency log analysis, and DNS record inspection. This widens the attack surface before a single probe is sent.
GoScript Flows
A custom scripting language for modeling multi-step user journeys. Script login sequences, form submissions, and business logic workflows. The scanner follows these scripts during testing to reach areas behind authentication or complex navigation.
VulnFeed Database
AppCheck maintains its own vulnerability database, VulnFeed, updated hourly with newly published vulnerabilities. This means the scanner picks up new attack vectors faster than tools that rely on monthly or quarterly signature updates.
Pentest-Grade Detection
In benchmark tests, AppCheck found every vulnerability identified by manual penetration testers plus three additional critical flaws. It completed the assessment in under half the time. The tool also generates proof-of-exploitation for confirmed findings.
Out-of-Band and IDOR Detection
AppCheck goes beyond standard request-response testing. Its out-of-band detection catches vulnerabilities where the exploit triggers a callback to an external server rather than returning data in the HTTP response. The scanner also automates IDOR (Insecure Direct Object Reference) detection, a class of access control flaws that most DAST tools skip.
Integrations
CI/CD & DevOps
Azure DevOps
Jenkins
TeamCity
AppCheck also has an open API for custom build pipeline integrations.
Compliance Reporting
Reports map findings to specific compliance frameworks:
PCI DSS requirements
OWASP Top 10 coverage
CWE classification
Custom report templates
Executive summaries and technical breakdowns
Getting Started
1. Sign up — Create an account on the SaaS platform at appcheck-ng.com, or deploy the on-premises version in your own environment.
2. Add targets — Enter your web application domains, API endpoints, or internal infrastructure ranges. AppCheck handles both external and internal scanning.
3. Configure authentication — Set up login credentials or use GoScript Flows to script complex authentication sequences the scanner should follow.
4. Launch scan — Choose a scan profile and start. The OSINT phase runs first, followed by browser-based crawling and active vulnerability testing.
5. Review and export — Findings include severity ratings, proof-of-exploitation where available, and remediation guidance. Export as compliance reports or push to your issue tracker.
Best For
Organizations that want pentest-quality automated scanning with OSINT built in. Unlimited scans and users per license make it cost-effective for larger teams. It is a good fit for UK-based companies that need data residency compliance.
Limitations
AppCheck is less well-known than Burp Suite or Acunetix, which means fewer community resources and third-party guides. The GoScript Flows scripting language has a learning curve if you need to model complex business logic. No free tier exists.
AppCheck is a DAST tool focused on web applications, APIs, and infrastructure. Pair it with SAST for source code analysis and manual testing for logic flaws that automated scanners cannot catch.
Note: ISO 27001:2022 certified. Unlimited scans and users per license.
Frequently Asked Questions
What is AppCheck?
AppCheck is a UK-based DAST platform that grew out of a tool used internally by penetration testers at SEC-1 (now part of Claranet Group). It combines browser-based crawling with OSINT reconnaissance to scan web applications, APIs, and infrastructure.
Is AppCheck free or commercial?
AppCheck is commercial with both SaaS and on-premises deployment options. Licenses include unlimited scans and unlimited users, so pricing does not scale with team size or scan volume.
What vulnerabilities does AppCheck detect?
AppCheck detects over 100,000 known security flaws across OWASP Top 10 categories. It also uses dynamic fuzzing and out-of-band detection techniques to find zero-day vulnerabilities that signature-based scanners miss.
What is GoScript Flows?
GoScript Flows is AppCheck’s custom scripting language for modeling multi-step user journeys. You can script login sequences, form submissions, and business logic workflows that the scanner follows during testing.
How does AppCheck compare to manual penetration testing?
In benchmark tests, AppCheck found all vulnerabilities identified by manual penetration testers plus three additional critical flaws, and completed the assessment in under half the time.