Talking about proprietary vectors, there's also Hatforce
(There's both public and private / trusted tests, contact them for more info.)
Anyway, I do suggest that you either go through the code, or get someone else to do it. Don't make a program do it for you naturally, as it may as you say, contain several vulnerabilities.
This depends on the developer, if he or she is skilled at writing secure code to protect against (at least) the most common attack vectors nowadays.
It sounds like a good idea to e.g., give an undergrad or someone else a look at your code, but keep in mind, that if this person whether he or she says they know infosec or not, doesn't make it hackproof.
For the most optimal security, you need at least one (skilled) ethical hacker (NOT certified ethical hacker), penetration tester, code reviewer, etc., to test your application. In other words, you need someone who "loves" information security (infosec), who knows their field, and capable of mitigating any risks in the app.
The best way, is to either:
A) Make your app open source so anyone can read the source and hope some hackers review it and make advisories
B) Hire an external company
C) Use it on a website and wait until someone might hack it. (Some companies seems to go with this option, even though I don't recommend it