#Awesome#A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the community.
The OWASP OFFAT tool autonomously assesses your API for prevalent vulnerabilities, though full compatibility with OAS v3 is pending. The project remains a work in progress, continuously evolving towar...
GraphQL automated security testing toolkit
API Pentesting Tools are specialized security tools used to test and analyze the security of Application Programming Interfaces (APIs).
Tests your API automatically for common API vulnerabilities. Project is still Work In Progress. PRs are appreciated.
#博客#API Penetration Testing Notes
A Burp Suite extension written in Kotlin that enables persistent sticky session handling in web application testing. Built with the Montoya API and modern Kotlin tooling.
A Swiss knife for API security testing including a docker image, some labs and resources.
컴퓨터공학과 해킹과 대응기술 정리입니다.
A Caido extension written in Typescript that makes an OPTIONS request and determines if other HTTP methods than the original request are available. If there are other methods available, findings are c...
Feature request system.
BOLA_Excessive_Data_Exposure_API_Pentest (Based on crAPI, my learning)