Best Application Development Software for Windows - Page 35

x
View:
Open Source Commercial

Compare the Top Application Development Software for Windows as of October 2025 - Page 35

Sort By:
Application Development Windows Clear Filters
  • 1
    Pine Script

    Pine Script

    TradingView

    Pine Script® is TradingView’s programming language. It allows traders to create their own trading tools and run them on our servers. We designed Pine Script® as a lightweight, yet powerful, language for developing indicators and strategies that you can then backtest. Most of TradingView’s built-in indicators are written in Pine Script®, and our thriving community of Pine Script® programmers has published more than 100,000 community scripts. It’s our explicit goal to keep Pine Script® accessible and easy to understand for the broadest possible audience. Pine Script® is cloud-based and therefore different from client-side programming languages. While we likely won’t develop Pine Script® into a full-fledged language, we do constantly improve it and are always happy to consider requests for new features. Because each script uses computational resources in the cloud, we must impose limits in order to share these resources fairly among our users.
    Starting Price: Free
    View Software
  • 2
    ZenScript

    ZenScript

    CraftTweaker

    ZenScript originated from MineTweaker where a simple programming language is needed to allow users without programming knowledge to be able to execute simple commands by following the tutorials for it. Originally MineTweaker had a simple one-line-at-a-time parsed scripting system, but it quickly became clear that it wasn't flexible enough, so a simple parsed language was created. This parsed language worked quite well but was very inefficient as each value was wrapped into its own object. ZenScript allows mixed typed and typeless behavior. You don't need to define types anywhere, the compile will infer them where possible and exhibit typeless behavior when the type is effectively unknown. In nearly all the cases, the type is perfectly known and execution runs at native Java speed. Since there are types, they can be documented and enforced.
    Starting Price: Free
    View Software
  • 3
    Annotator

    Annotator

    Annotator

    Annotator is an open source JavaScript library to easily add annotation functionality to any webpage. Annotations can have comments, tags, links, users, and more. Annotator is designed for easy extensibility so it's a cinch to add a new feature or behaviour. Annotator also fosters an active developer community with contributors from four continents, building 3rd party plugins allowing the annotation of PDFs, EPUBs, videos, images, sound, and more. Adding an annotation to any website is easy with Annotator. First, download the Annotator library, and include it in your HTML. Annotator has a simple but powerful plugin architecture. Plug-ins can also be included for adding functionality such as user permissions, tags, filtering, and formatting. More than a dozen projects rely on Annotator for their digital annotation needs and many are open source. Share text and video annotations using social networks or email.
    Starting Price: Free
    View Software
  • 4
    osquery

    osquery

    osquery

    osquery is an operating system instrumentation framework for Windows, OS X (macOS), and Linux. The tools make low-level operating system analytics and monitoring both performant and intuitive. Frequently, attackers will leave a malicious process running but delete the original binary on disk. This query returns any process whose original binary has been deleted, which could be an indicator of a suspicious process. Our build infrastructure ensures that newly introduced code is benchmarked and tested. We perform continuous testing for memory leaks, thread safety, and binary reproducibility on all supported platforms.
    Starting Price: Free
    View Software
  • 5
    OpenJDK

    OpenJDK

    Oracle

    The place to collaborate on an open-source implementation of the Java platform, standard edition, and related projects. Download and install the latest open-source JDK. Oracle’s free, GPL-licensed, production-ready OpenJDK JDK 21 binaries for Linux, macOS, and Windows are available, Oracle’s commercially-licensed JDK 21 binaries, based on the same code, are available as well. Browse the code on the web, clone a repository to make a local copy, and contribute a patch to fix a bug, enhance an existing component, or define a new feature. OpenJDK provides source code that developers can use to build their binaries. Consequently, users are responsible for compiling the code and generating the Java runtime tailored to their specific platform. The JDK is a complex software project. Building it requires a certain amount of technical expertise, a fair number of dependencies on external software, and reasonably powerful hardware.
    Starting Price: Free
    View Software
  • 6
    Azure Kinect DK
    Azure Kinect is a cutting-edge spatial computing developer kit with sophisticated computer vision and speech models, advanced AI sensors, and a range of powerful SDKs that can be connected to Azure AI Services. Using Azure Kinect, manufacturing, retail, healthcare, and media enterprises are leveraging spatial data and context to enhance operational safety, increase performance, improve outcomes, and revolutionize the customer experience. Use computer vision to track and monitor exercise movements and overall form. Create a smart gym experience that can enhance results or an accessible and effective virtual rehabilitation solution. Pair real-time depth sensor data with AI-driven insights. Prevent and mitigate potential patient accidents and injuries in care environments with predictive alerts. 1-MP depth sensor with wide and narrow field-of-view (FOV) options that help you optimize for your application.
    Starting Price: $399 one-time payment
    View Software
  • 7
    Azure SQL Edge
    Small-footprint, edge-optimized SQL database engine with built-in AI. Azure SQL Edge, a robust Internet of Things (IoT) database for edge computing, combines capabilities such as data streaming and time series with built-in machine learning and graph features. Extend the industry-leading Microsoft SQL engine to edge devices for consistent performance and security across your entire data estate, from cloud to edge. Develop your applications once and deploy them anywhere across the edge, your on-premises data center, or Azure. Built-in data streaming and time series, with in-database machine learning and graph features for low-latency analytics. Data processing at the edge for online, offline, or hybrid environments to overcome latency and bandwidth constraints. Deploy and update from the Azure portal or your enterprise portal for consistent security and turnkey management. Detect anomalies and apply business logic at the edge using the built-in machine learning capabilities.
    Starting Price: $60 per year
    View Software
  • 8
    Grammatech Proteus
    Proteus is an advanced software testing system for automatically finding and fixing vulnerabilities, with no false alarms, aimed at development groups, testing organizations, and cybersecurity teams. It discovers vulnerabilities that could be triggered by potentially malicious files or network inputs, including many common entries in the Common Weakness Enumeration (CWE). The tool supports Windows and Linux native binaries. By integrating and simplifying the use of state-of-the-art tools for binary analysis and transformation, Proteus lowers the costs and increases the efficiency and effectiveness of software testing, reverse engineering, and maintenance. Binary analysis, mutational fuzzing, and symbolic execution without the need for source code, and a professional-grade user interface for result aggregation and presentation. Advanced exploitability reporting and reasoning capability, and deployment in a virtualized environment or on a host system.
    Starting Price: Free
    View Software
  • 9
    PortSwigger Burp Suite Professional
    Hands-on security testers need the best tools for the job. Tools you have faith in, and enjoy using all day long. The tools that other professionals trust. Burp Suite Professional is the web security tester's toolkit of choice. Use it to automate repetitive testing tasks, then dig deeper with its expert-designed manual and semi-automated security testing tools. Burp Suite Professional can help you to test for OWASP top 10 vulnerabilities, as well as the very latest hacking techniques. Smart automation works in concert with expert-designed manual tools, to save you time. Optimize your workflow, and do more of what you do best. Burp Scanner can navigate and scan JavaScript-heavy single-page applications (SPAs), scan APIs, and enable the prerecording of complex authentication sequences. A toolkit designed and used by professional testers. Utilize features like the ability to record everything you did on an engagement and a powerful search function to improve efficiency and reliability.
    Starting Price: $449 per year
    View Software
  • 10
    Peach Fuzzer

    Peach Fuzzer

    Peach Tech

    Peach is a SmartFuzzer that is capable of performing both generation and mutation-based fuzzing. Peach requires the creation of Peach Pit files that define the structure, type information, and relationships in the data to be fuzzed. It additionally allows for the configuration of a fuzzing run including selecting a data transport (publisher), logging interface, etc. Peach has been under active development since 2004 and is in its third major version. Fuzzing continues to be the fastest way to find security issues and test for bugs. Effective hardware fuzzing with Peach will introduce students to the fundamentals of device fuzzing. Peach was designed to fuzz any type of data consumer from servers to embedded devices. Researchers, corporations, and governments already use Peach to find vulnerabilities in hardware. This course will focus on using Peach to target embedded devices and collect information from the device in the event of a crash.
    Starting Price: Free
    View Software
  • 11
    Etheno

    Etheno

    Crytic

    Etheno is an Ethereum-testing, JSON RPC multiplexer, analysis tool wrapper, and test integration tool. It eliminates the complexity of setting up analysis tools like Echidna on large, multi-contract projects. If you are a smart contract developer, you should use Etheno to test your contracts. If you are an Ethereum client developer, you should use Etheno to perform differential testing on your implementation. Etheno runs a JSON RPC server that can multiplex calls to one or more clients. API for filtering and modifying JSON RPC calls. Enables differential testing by sending JSON RPC sequences to multiple Ethereum clients. Deploy to and interact with multiple networks at the same time. Integration with test frameworks like Ganache and Truffle. Run a local test network with a single command. Use our prebuilt Docker container to quickly install and try Etheno. Etheno can be used in many different ways and therefore, has numerous command-line argument combinations.
    Starting Price: Free
    View Software
  • 12
    Solidity Fuzzing Boilerplate
    Solidity Fuzzing Boilerplate is a template repository intended to ease fuzzing components of Solidity projects, especially libraries. Write tests once and run them with both Echidna and Foundry's fuzzing. Fuzz components that use incompatible Solidity versions by deploying those into a Ganache instance via Etheno. Use HEVM's FFI cheat code to generate complex fuzzing inputs or to compare outputs with non-EVM executables while doing differential fuzzing. Publish your fuzzing experiments without worrying about licensing by extending the shell script to download specific files. Turn off FFI if you don't intend to make use of shell commands from your Solidity contracts. Note that FFI is slow and should only be used as a workaround. It can be useful for testing against things that are difficult to implement within Solidity and already exist in other languages. Before executing tests of a project that has FFI enabled, be sure to check what commands are actually being executed.
    Starting Price: Free
    View Software
  • 13
    hevm

    hevm

    DappHub

    The hevm project is an implementation of the Ethereum Virtual Machine (EVM) made specifically for symbolic execution, unit testing, and debugging of smart contracts. It is developed by DappHub and integrates especially well with the DappHub tool suite. The hevm command line program can symbolically execute smart contracts, run unit tests, interactively debug contracts while showing the Solidity source, or run arbitrary EVM code. Computations can be performed using a local state set up in a testing harness or fetched on demand from live networks using RPC calls. Run a symbolic execution against the given parameters, searching for assertion violations. One can also specialize specific arguments to a function signature while leaving others abstract. hevm uses an eager approach for symbolic execution, meaning that it will first attempt to explore all branches of the program.
    Starting Price: Free
    View Software
  • 14
    Tayt

    Tayt

    Crytic

    Tayt is a StarkNet smart contract fuzzer. We recommend using a Python virtual environment. When starting you will see the properties to be checked and the external functions used to generate a sequence of transactions. Eventually, if a property is violated a call sequence will be presented with the order of functions to be called, the respective arguments passed, the caller address, and the events emitted. With Tayt, you can test a contract that deploys other contracts.
    Starting Price: Free
    View Software
  • 15
    ImmuneBytes

    ImmuneBytes

    ImmuneBytes

    Fortify your blockchains with our impeccable audit services for unparalleled security in the decentralized realm. If you're spending sleepless nights worrying about losing funds to hackers, choose from our stack of services, and bid farewell to all your fears. In-depth analysis of the code by industry veterans to detect the vulnerabilities in your smart contract. Our experts secure your blockchain applications by mitigating risks through security design, assessment, audit, and compliance services. Our independent team of prolific penetration testers performs an extensive exercise to detect vulnerabilities and system exploits. We are the torch-bearers of making the space safer for everyone and do it by helping with a complete, systematic analysis to enhance the product's overall security. Recovery of funds is as equally important as a security audit. Have the facility to track user funds with our transaction risk monitoring system and boost users' confidence.
    Starting Price: Free
    View Software
  • 16
    Google OSS-Fuzz
    OSS-Fuzz offers continuous fuzzing for open source software. Fuzz testing is a well-known technique for uncovering programming errors in software. Many of these detectable errors, like buffer overflow, can have serious security implications. Google has found thousands of security vulnerabilities and stability bugs by deploying guided in-process fuzzing of Chrome components, and we now want to share that service with the open source community. OSS-Fuzz aims to make common open source software more secure and stable by combining modern fuzzing techniques with scalable, distributed execution. Projects that do not qualify for OSS-Fuzz can run their own instances of ClusterFuzz or ClusterFuzzLite. Currently, OSS-Fuzz supports C/C++, Rust, Go, Python, and Java/JVM code. Other languages supported by LLVM may work too. OSS-Fuzz supports fuzzing x86_64 and i386 builds.
    Starting Price: Free
    View Software
  • 17
    Awesome Fuzzing
    Awesome Fuzzing is a list of fuzzing resources including books, courses, both free and paid, videos, tools, tutorials, and vulnerable applications to practice in order to learn fuzzing and initial phases of exploit development like root cause analysis. Courses/training videos on fuzzing, videos talking about fuzzing techniques, tools, and best practices. Conference talks and tutorials, blogs, tools that help in fuzzing applications, and fuzzers that help in fuzzing applications that use network-based protocols like HTTP, SSH, SMTP, etc. Search and pick the exploits, that have respective apps available for download, and reproduce the exploit by using the fuzzer of your choice. Set of tests for fuzzing engines. Includes different well-known bugs. A corpus, including various file formats for fuzzing multiple targets in the fuzzing literature.
    Starting Price: Free
    View Software
  • 18
    Fuzzing Project

    Fuzzing Project

    Fuzzing Project

    Fuzzing is a powerful strategy to find bugs in software. The idea is quite simple, which is to generate a large number of randomly malformed inputs for the software to parse and see what happens. If the program crashes then something is likely wrong. While fuzzing is a well-known strategy, it is surprisingly easy to find bugs, often with security implications, in widely used software. Memory access errors are the errors most likely to be exposed when fuzzing software that is written in C/C++. While they differ in the details, the core problem is often the same, the software reads or writes to the wrong memory locations. A modern Linux or BSD system ships a large number of basic tools that do some kind of file displaying and parsing. In their current state, most of these tools are not suitable for untrusted inputs. On the other hand, we have powerful tools these days that allow us to find and analyze these bugs.
    Starting Price: Free
    View Software
  • 19
    LibFuzzer

    LibFuzzer

    LLVM Project

    LibFuzzer is an in-process, coverage-guided, evolutionary fuzzing engine. LibFuzzer is linked with the library under test, and feeds fuzzed inputs to the library via a specific fuzzing entry point (or target function); the fuzzer then tracks which areas of the code are reached, and generates mutations on the corpus of input data in order to maximize the code coverage. The code coverage information for libFuzzer is provided by LLVM’s SanitizerCoverage instrumentation. LibFuzzer is still fully supported in that important bugs will get fixed. The first step in using libFuzzer on a library is to implement a fuzz target, a function that accepts an array of bytes and does something interesting with these bytes using the API under test. Note that this fuzz target does not depend on libFuzzer in any way so it is possible and even desirable to use it with other fuzzing engines like AFL and/or Radamsa.
    Starting Price: Free
    View Software
  • 20
    Honggfuzz
    Honggfuzz is a security-oriented software fuzzer. Supports evolutionary, feedback-driven fuzzing based on code coverage (SW and HW-based). It’s multi-process and multi-threaded, there’s no need to run multiple copies of your fuzzer, as Honggfuzz can unlock the potential of all your available CPU cores with a single running instance. The file corpus is automatically shared and improved between all fuzzed processes. It’s blazingly fast when the persistent fuzzing mode is used. A simple/empty LLVMFuzzerTestOneInput function can be tested with up to 1mo iteration per second on a relatively modern CPU. Has a solid track record of uncovered security bugs, the only (to date) vulnerability in OpenSSL with the critical score mark was discovered by Honggfuzz. As opposed to other fuzzers, it will discover and report hijacked/ignored signals from crashes (intercepted and potentially hidden by a fuzzed program).
    Starting Price: Free
    View Software
  • 21
    Boofuzz

    Boofuzz

    Boofuzz

    Boofuzz is a fork of and the successor to the venerable Sulley fuzzing framework. Besides numerous bug fixes, Boofuzz aims for extensibility. Like Sulley, Boofuzzincorporates all the critical elements of a fuzzer like easy and quick data generation, instrumentation and failure detection, target reset after failure, and recording of test data. Much easier install experience and support for arbitrary communications mediums. Built-in support for serial fuzzing, ethernet- and IP-layer, UDP broadcast. Better recording of test data, consistent, thorough, and clear. Test result CSV export and extensible instrumentation/failure detection. Boofuzz installs as a Python library used to build fuzzer scripts. It is strongly recommended to set up Boofuzz in a virtual environment.
    Starting Price: Free
    View Software
  • 22
    Ffuf

    Ffuf

    Ffuf

    Ffuf is a fast web fuzzer written in Go. You can also practice your Ffuf scans against a live host with different lessons and use cases either locally by using the Docker container or against the live-hosted version. Provides virtual host discovery (without DNS records). In order to tell Ffuf about different inputs to test out, a wordlist is needed. You can supply one or more wordlists on the command line, and in case you wish (or are using multiple wordlists) you can choose a custom keyword for them. You can supply Ffuf with multiple wordlists (remember to configure a custom keyword for them though). The first word of the first wordlist is tested against all the words from the second wordlist before moving along to test the second word in the first wordlist against all the words in the second wordlist. In short, all of the different combinations are tried out. There are quite a few different ways to customize the request.
    Starting Price: Free
    View Software
  • 23
    afl-unicorn

    afl-unicorn

    Battelle

    afl-unicorn lets you fuzz any piece of binary that can be emulated by Unicorn Engine. If you can emulate the code you’re interested in using the Unicorn Engine, you can fuzz it with afl-unicorn. Unicorn Mode works by implementing the block-edge instrumentation that AFL’s QEMU mode normally does into Unicorn Engine. Basically, AFL will use block coverage information from any emulated code snippet to drive its input generation. The whole idea revolves around the proper construction of a Unicorn-based test harness. The Unicorn-based test harness loads the target code, sets up the initial state, and loads in data mutated by AFL from disk. The test harness then emulates the target binary code, and if it detects that a crash or error occurred it throws a signal. AFL will do all its normal stuff, but it’s actually fuzzing the emulated target binary code. Only tested on Ubuntu 16.04 LTS, but it should work smoothly with any OS capable of running both AFL and Unicorn.
    Starting Price: Free
    View Software
  • 24
    Fuzzbuzz

    Fuzzbuzz

    Fuzzbuzz

    The Fuzzbuzz workflow is very similar to other CI/CD testing workflows. However, unlike other testing workflows, fuzz testing requires multiple jobs to run simultaneously, which results in a few extra steps. Fuzzbuzz is a fuzz testing platform. We make it trivial for developers to add fuzz tests to their code and run them in CI/CD, helping them catch critical bugs and vulnerabilities before they hit production. Fuzzbuzz completely integrates into your environment, following you from the terminal to CI/CD. Write a fuzz test in your environment and use your own IDE, terminal, or build tools. Push to CI/CD and Fuzzbuzz will automatically start running your fuzz tests against your latest code changes. Get notified when bugs are found through Slack, GitHub, or email. Catch regressions as new changes are automatically tested and compared to previous runs. Code is built and instrumented by Fuzzbuzz as soon as a change is detected.
    Starting Price: Free
    View Software
  • 25
    BFuzz

    BFuzz

    RootUp

    BFuzz is an input-based fuzzer tool that takes HTML as an input, opens up your browser with a new instance, and passes multiple test cases generated by domato which is present in the recurve folder of BFuzz, more over BFuzz is an automation that performs the same task repeatedly and it doesn't mangle any test cases. Running BFuzz will ask for the option of whether to fuzz Chrome or Firefox, however, this will open Firefox from recurve and create the logs on the terminal. BFuzz is a small script that enables you to open the browser and run test cases. The test cases in recurve are generated by the domato generator and contain the main script. It contains additional helper code for DOM fuzzing.
    Starting Price: Free
    View Software
  • 26
    Sulley

    Sulley

    OpenRCE

    Sulley is a fuzzing engine and fuzz testing framework consisting of multiple extensible components. Sulley (IMHO) exceeds the capabilities of most previously published fuzzing technologies, commercial and public domain. The goal of the framework is to simplify not only data representation but to simplify data transmission and instrumentation. A pure-Python fully automated and unattended fuzzing framework. Sulley not only has impressive data generation but has taken this a step further and includes many other important aspects a modern fuzzer should provide. Sulley watches the network and methodically maintains records. Sulley instruments and monitors the health of the target, capable of reverting to a known good state using multiple methods. Sulley detects, tracks, and categorizes detected faults. Sulley can fuzz in parallel, significantly increasing test speed. Sulley can automatically determine what unique sequence of test cases triggers faults.
    Starting Price: Free
    View Software
  • 27
    Radamsa

    Radamsa

    Aki Helin

    Radamsa is a test case generator for robustness testing or fuzzer. It is typically used to test how well a program can withstand malformed and potentially malicious inputs. It works by reading sample files of valid data and generating interestingly different outputs from them. The main selling points of Radamsa are that it has already found a slew of bugs in programs that actually matter, it is easily scriptable, and, easy to get up and running. Fuzzing is one of the techniques to find unexpected behavior in programs. The idea is simply to subject the program to various kinds of inputs and see what happens. There are two parts to this process: getting the various kinds of inputs and how to see what happens. Radamsa is a solution to the first part, and the second part is typically a short shell script. Testers usually have a more or less vague idea of what should not happen, and they try to find out if this is so.
    Starting Price: Free
    View Software
  • 28
    APIFuzzer
    APIFuzzer reads your API description and step-by-step fuzzes the fields to validate if your application can cope with the fuzzed parameters, and it does not require coding. Parse API definition from a local file or remote URL. JSON and YAML file format support. All HTTP methods are supported. Fuzzing of the request body, query string, path parameter, and request header is supported. Relies on random mutations and supports CI integration. Generate JUnit XML test report format. Send a request to an alternative URL. Support HTTP basic auth from the configuration. Save the report of the failed test in JSON format into the pre-configured folder.
    Starting Price: Free
    View Software
  • 29
    Jazzer

    Jazzer

    Code Intelligence

    Jazzer is a coverage-guided, in-process fuzzer for the JVM platform developed by Code Intelligence. It is based on libFuzzer and brings many of its instrumentation-powered mutation features to the JVM. You can use Docker to try out Jazzer's autofuzz mode, which automatically generates arguments to a given Java function and reports unexpected exceptions and detected security issues. You can also use GitHub release archives to run a standalone Jazzer binary that starts its own JVM configured for fuzzing.
    Starting Price: Free
    View Software
  • 30
    FuzzDB

    FuzzDB

    FuzzDB

    FuzzDB was created to increase the likelihood of finding application security vulnerabilities through dynamic application security testing. It's the first and most comprehensive open dictionary of fault injection patterns, predictable resource locations, and regex for matching server responses. FuzzDB contains comprehensive lists of attack payload primitives for fault injection testing. These patterns, categorized by the attack and where appropriate platform type, are known to cause issues like OS command injection, directory listings, directory traversals, source exposure, file upload bypass, authentication bypass, XSS, HTTP header crlf injections, SQL injection, NoSQL injection, and more. For example, FuzzDB catalogs 56 patterns that can potentially be interpreted as a null byte and contains lists of commonly used methods and name-value pairs that trigger debug modes.
    Starting Price: Free
    View Software

Related Categories