
Show HN: SECAPPS InfoSec Tools For Developers - _pdp_
Hi everyone,
We are pivoting our product and before we dive I would like to get some feedback from the community.<p>We are building a set of apps which developers can use to debug and test web apps for security vulnerabilities. The key difference between these tools and others is that ours run on top of your browser which means that:<p>* require just a browser<p>* always updated<p>* no need to setup proxy settings or open up your environment to 3rd-party servers * you can test local apps as well as remote apps<p>* not locked to specific apps<p>* embeddable - you can link them to your own portals, status pages, ticketing systems, etc.<p>We think this service will appeal to developers who are inclined to do some security testing for their teams without wasting too much time because the tools are just a click away and they do not require too much attention or to keep up with the latest trends in security.<p>The tools are offered for free so you can use them without logging in or sign up. We are thinking to charge a license fee which not only make the apps more useful (access to some private services and storage) but also make them compatible for commercial use.<p>The current set of tools are available here:<p><a href="https:&#x2F;&#x2F;market.secapps.com&#x2F;" rel="nofollow">https:&#x2F;&#x2F;market.secapps.com&#x2F;</a><p>I would love to get your feedback.<p>I am also interested to ask the following specific questions:<p>* Would you find a service like this useful?<p>* Would you find the tools more useful than existing tools because we use web is a platform?<p>* How often do you think you are going to use tools like this, once a day, once a week, once a month?<p>* Would you pay for the service and how much if we make it available today, i.e. if you say yes and we drop in a link for payment in the comments - will you actually pay for it?<p>* If you cannot be bothered what do you do for security testing - what other tools or services are you using?<p>I am looking forward to read your comments.
======
bradknowles
There are only a few tools listed here, with short text-only descriptions.
Based on those descriptions, I can tell that most of these tools are of no
interest to me.

I don't see any tutorials, videos, examples, or use cases outlined here.

I like the style of the website and how clean it looks.

However, I'm left wanting to be convinced that there is anything here beyond a
very short shell script that calls out to a few tools like nmap, and nothing
more.

Please feel free to provide convincing evidence that there is something
worthwhile on this page. I do honestly want to like it.

~~~
bradknowles
As far as the tools I like to use for security testing, you could start with
the list from Sectools.org.

Put a significant number of them in a web-based service wrapper, and I might
be convinced to use that as my first stop on the road to more complete
testing.

~~~
_pdp_
Wrapping existing tools is not a problem but you are getting nothing more than
a wrapper. Hell, you can even run a web-based terminal and stick them in your
own DO host for $5 a month. However, a lot of the security tools are side-
projects so do not expect them to work all the time.

Distributions like Kali make it a lot easier but even then getting started may
be hard and besides you need to run them either on your own box or a server
and convince other people to use them too if you are to share the burden of
doing security tests.

The secapps tools are designed to be a click away - always available with no
installation or additional fiddling. Naturally we started with web tools but
we are currently expanding into other areas too and in the future we have some
cool ideas how to bring some powerful capabilities at your fingertips.

But yes, down the line, we would like to offer a hosted access of open source
tools too.

------
_pdp_
This is a re-post of
[https://news.ycombinator.com/item?id=14058725](https://news.ycombinator.com/item?id=14058725)
after it was mentioned that I should probably convert this into a Show HN
submission.

