AppCheck is a dynamic application security testing (DAST) platform originating from the United Kingdom.
Built from a tool used internally by professional penetration testers, AppCheck combines open-source intelligence gathering with advanced browser-based crawling to identify vulnerabilities in web applications, APIs, and infrastructure.
What is AppCheck?
AppCheck started as an internal security tool within SEC-1, now part of the Claranet Group.
This origin gives the platform a practical, penetration-tester-focused design that addresses real-world security testing needs.
The solution has since expanded to serve organizations globally, offering both SaaS and on-premises deployment options.
The platform stands out for its intelligent crawling technology that uses a real browser engine to interact with modern JavaScript-heavy applications.
Unlike traditional DAST tools that rely on simple HTTP request parsing, AppCheck renders pages and executes JavaScript to discover hidden endpoints and dynamic content.
Key Features
Browser-Based Crawling Engine
AppCheck employs a sophisticated browser-based crawler that renders pages exactly as a real user would see them.
This approach enables detection of vulnerabilities in:
- Single-page applications (SPAs) built with React, Angular, or Vue
- Dynamic content loaded via AJAX requests
- Client-side routing and state management
- WebSocket communications
The crawler automatically handles modern authentication flows, including OAuth 2.0 and SAML, maintaining session state throughout the scanning process.
OSINT and Reconnaissance
Before active scanning begins, AppCheck gathers open-source intelligence about the target:
- Subdomain enumeration and discovery
- Technology stack fingerprinting
- Certificate transparency log analysis
- Historical data from web archives
- DNS record analysis
This reconnaissance phase helps identify additional attack surface that might otherwise go unnoticed during standard vulnerability scanning.
API Security Testing
AppCheck provides specialized testing capabilities for REST APIs and web services:
- OpenAPI/Swagger specification import
- Automatic parameter fuzzing
- Authentication token testing
- Rate limiting and access control verification
- GraphQL introspection and testing
Compliance and Reporting
Generate compliance-ready reports for various security standards:
- PCI DSS requirements mapping
- OWASP Top 10 coverage
- CWE classification
- Custom report templates
- Executive summaries and technical details
How to Use AppCheck
SaaS Platform
The quickest way to start with AppCheck is through the cloud-hosted SaaS platform:
- Sign up for an account at appcheck-ng.com
- Add your target application domains
- Configure authentication if required
- Launch your first scan
API Integration
AppCheck provides a REST API for programmatic access:
```bash
# Start a new scan
curl -X POST "https://api.appcheck-ng.com/v1/scans" \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "target": "https://example.com",
    "profile": "full-scan",
    "authentication": {
      "type": "form",
      "loginUrl": "https://example.com/login",
      "username": "testuser",
      "password": "testpass"
    }
  }'

# Check scan status (replace {scan_id} with the id returned by the POST above)
curl "https://api.appcheck-ng.com/v1/scans/{scan_id}" \
  -H "Authorization: Bearer YOUR_API_KEY"
```
Integration
GitHub Actions
```yaml
name: AppCheck Security Scan
on:
  push:
    branches: [main]
  pull_request:
    branches: [main]
jobs:
  security-scan:
    runs-on: ubuntu-latest
    steps:
      - name: Trigger AppCheck Scan
        run: |
          SCAN_ID=$(curl -sf -X POST "https://api.appcheck-ng.com/v1/scans" \
            -H "Authorization: Bearer ${{ secrets.APPCHECK_API_KEY }}" \
            -H "Content-Type: application/json" \
            -d '{"target": "${{ vars.TARGET_URL }}", "profile": "ci-quick"}' \
            | jq -r '.scan_id')
          # Each step runs in a fresh shell, so hand the id to the next step via GITHUB_ENV
          echo "SCAN_ID=$SCAN_ID" >> "$GITHUB_ENV"
          # Poll for completion; give up after 120 polls (about an hour) rather than hang the job
          for attempt in $(seq 1 120); do
            STATUS=$(curl -sf "https://api.appcheck-ng.com/v1/scans/$SCAN_ID" \
              -H "Authorization: Bearer ${{ secrets.APPCHECK_API_KEY }}" \
              | jq -r '.status')
            if [ "$STATUS" = "completed" ]; then
              break
            elif [ "$STATUS" = "failed" ]; then
              echo "Scan $SCAN_ID failed"
              exit 1
            fi
            sleep 30
          done
          [ "$STATUS" = "completed" ] || { echo "Timed out waiting for scan $SCAN_ID"; exit 1; }
      - name: Check for Critical Vulnerabilities
        run: |
          CRITICAL=$(curl -sf "https://api.appcheck-ng.com/v1/scans/$SCAN_ID/results" \
            -H "Authorization: Bearer ${{ secrets.APPCHECK_API_KEY }}" \
            | jq '[.vulnerabilities[] | select(.severity == "critical")] | length')
          if [ "$CRITICAL" -gt 0 ]; then
            echo "Found $CRITICAL critical vulnerabilities"
            exit 1
          fi
```
GitLab CI
```yaml
appcheck-scan:
  stage: security
  # curlimages/curl does not ship jq, which the script needs; install both on a plain Alpine image
  image: alpine:latest
  before_script:
    - apk add --no-cache curl jq
  script:
    - |
      SCAN_ID=$(curl -sf -X POST "https://api.appcheck-ng.com/v1/scans" \
        -H "Authorization: Bearer $APPCHECK_API_KEY" \
        -H "Content-Type: application/json" \
        -d "{\"target\": \"$TARGET_URL\", \"profile\": \"ci-quick\"}" \
        | jq -r '.scan_id')
      echo "Scan started: $SCAN_ID"
      # Wait for scan completion; stop on a failed scan instead of looping forever
      while true; do
        STATUS=$(curl -sf "https://api.appcheck-ng.com/v1/scans/$SCAN_ID" \
          -H "Authorization: Bearer $APPCHECK_API_KEY" | jq -r '.status')
        [ "$STATUS" = "completed" ] && break
        if [ "$STATUS" = "failed" ]; then
          echo "Scan $SCAN_ID failed"
          exit 1
        fi
        sleep 30
      done
      # Generate report
      curl -sf "https://api.appcheck-ng.com/v1/scans/$SCAN_ID/report?format=html" \
        -H "Authorization: Bearer $APPCHECK_API_KEY" > appcheck-report.html
  artifacts:
    paths:
      - appcheck-report.html
    expire_in: 30 days
  only:
    - main
    - merge_requests
```
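The curl calls in the API Integration section and the two pipelines above all follow the same start, poll, gate pattern. The following Python module is an added example, not AppCheck's own SDK or anything from the vendor: it puts that pattern in one place with a bounded poll, a severity floor (so a pipeline can block on high-and-above rather than only critical) and an accepted-risk allow-list. The endpoint paths and the fields `scan_id`, `status` and `vulnerabilities[].severity` are assumed from the snippets on this page; the `cancelled` status and the per-finding `id` field are hypothetical. The HTTP transport is injectable, and the constructed `make_fake_fetch` responses let the control flow run offline.

```python
"""Scan-and-gate logic for the AppCheck REST API (added example, not AppCheck's client).

Endpoint paths and the fields scan_id / status / vulnerabilities[].severity are
assumed from this page's curl and CI snippets; "cancelled" and the finding "id"
field are hypothetical. The transport is injectable so the flow runs offline.
"""
import json
import time
import urllib.request
from typing import Any, Callable, Dict, Iterable, List, Optional

API_BASE = "https://api.appcheck-ng.com/v1"
SEVERITY_RANK = {"info": 0, "low": 1, "medium": 2, "high": 3, "critical": 4}
TERMINAL_STATES = {"completed", "failed", "cancelled"}  # "cancelled" is assumed

# fetch(method, path, json_body) -> decoded JSON response
Fetch = Callable[[str, str, Optional[Dict[str, Any]]], Dict[str, Any]]


def http_fetch(api_key: str) -> Fetch:
    """Real transport: bearer-authenticated JSON over urllib (stdlib only)."""
    def fetch(method: str, path: str, body: Optional[Dict[str, Any]] = None) -> Dict[str, Any]:
        data = json.dumps(body).encode() if body is not None else None
        req = urllib.request.Request(
            API_BASE + path, data=data, method=method,
            headers={"Authorization": f"Bearer {api_key}",
                     "Content-Type": "application/json"})
        with urllib.request.urlopen(req, timeout=30) as resp:
            return json.load(resp)
    return fetch


def start_scan(fetch: Fetch, target: str, profile: str = "ci-quick") -> str:
    return str(fetch("POST", "/scans", {"target": target, "profile": profile})["scan_id"])


def wait_for_scan(fetch: Fetch, scan_id: str, max_polls: int = 120,
                  interval_s: float = 30.0, sleep: Callable[[float], None] = time.sleep) -> str:
    """Poll until a terminal state; bounded so a stuck scan cannot hang CI forever."""
    for _ in range(max_polls):
        status = str(fetch("GET", f"/scans/{scan_id}", None)["status"])
        if status in TERMINAL_STATES:
            return status
        sleep(interval_s)
    raise TimeoutError(f"scan {scan_id} not finished after {max_polls} polls")


def count_blocking(vulns: Iterable[Dict[str, Any]], threshold: str = "high",
                   accepted_ids: Iterable[str] = ()) -> int:
    """Findings at or above `threshold`, minus ids with a recorded accepted-risk decision."""
    floor = SEVERITY_RANK[threshold]
    skip = set(accepted_ids)
    return sum(
        1 for v in vulns
        if v.get("id") not in skip
        and SEVERITY_RANK.get(str(v.get("severity", "info")).lower(), 0) >= floor)


def run_pipeline(fetch: Fetch, target: str, threshold: str = "high",
                 accepted_ids: Iterable[str] = (), sleep=time.sleep) -> Dict[str, Any]:
    """Start, wait, gate. `passed` is True only if the scan completed with no blocking findings."""
    scan_id = start_scan(fetch, target)
    status = wait_for_scan(fetch, scan_id, sleep=sleep)
    if status != "completed":
        return {"scan_id": scan_id, "status": status, "blocking_findings": None, "passed": False}
    results = fetch("GET", f"/scans/{scan_id}/results", None)
    blocking = count_blocking(results.get("vulnerabilities", []), threshold, accepted_ids)
    return {"scan_id": scan_id, "status": status, "blocking_findings": blocking,
            "passed": blocking == 0}


# --- constructed offline responses, not real scan output ---
SAMPLE_VULNS: List[Dict[str, Any]] = [
    {"id": "V-1", "severity": "critical"},
    {"id": "V-2", "severity": "high"},
    {"id": "V-3", "severity": "high"},
    {"id": "V-4", "severity": "medium"},
    {"id": "V-5", "severity": "low"},
]


def make_fake_fetch(statuses: List[str], vulns: List[Dict[str, Any]]) -> Fetch:
    """Replays the status sequence (last value repeats) and a fixed results payload."""
    pending = list(statuses)

    def fetch(method: str, path: str, body: Optional[Dict[str, Any]] = None) -> Dict[str, Any]:
        if method == "POST" and path == "/scans":
            return {"scan_id": "scan-0001"}
        if path.endswith("/results"):
            return {"vulnerabilities": vulns}
        return {"status": pending.pop(0) if len(pending) > 1 else pending[0]}
    return fetch


if __name__ == "__main__":
    fake = make_fake_fetch(["queued", "running", "completed"], SAMPLE_VULNS)
    print(run_pipeline(fake, "https://example.com", threshold="high",
                       accepted_ids={"V-3"}, sleep=lambda _: None))
```

To use it against the live API, swap `make_fake_fetch(...)` for `http_fetch(api_key)` and exit non-zero when `passed` is False. Keeping the severity floor and the accepted-risk list outside the scanner call means a pipeline can block on `high` while a documented exception (a finding already ticketed and risk-accepted) does not break every build until it is fixed.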
When to Use AppCheck
AppCheck is particularly well-suited for organizations that:
- Need penetration-tester-quality scanning without hiring dedicated security staff
- Run modern JavaScript applications that require browser-based crawling
- Require compliance reporting for PCI DSS or other standards
- Want OSINT capabilities integrated with vulnerability scanning
- Prefer UK-based vendors for data residency or compliance reasons
The platform works best when integrated into a broader security program that includes manual testing for business logic vulnerabilities and code review for issues that dynamic testing cannot detect.
Consider alternatives if you need open-source tooling for budget reasons or require specific integrations that AppCheck does not currently support.
Note: AppCheck is ISO 27001:2022 certified, and each license includes unlimited scans and users.
