Check your WAF before an attacker does
Proactive, Open source API security → API discovery, API Security Posture, Testing in CI/CD, Test Library with 1000+ Tests, Add custom tests, Sensitive data exposure
The OWASP OFFAT tool autonomously assesses your API for prevalent vulnerabilities, though full compatibility with OAS v3 is pending. The project remains a work in progress, continuously evolving towar...
API Pentesting Tools are specialized security tools used to test and analyze the security of Application Programming Interfaces (APIs).
API Security Vulnerability Scanner designed to help you secure your APIs.
#安全#Automated API security testing
Community generated list of API security tests to find OWASP top10, HackerOne top 10 vulnerabilities
GitHub action to run Traceable Active Security Testing in GitHub workflows
The OWASP OFFAT tool autonomously assesses your API for prevalent vulnerabilities, though full compatibility with OAS v3 is pending. The project remains a work in progress, continuously evolving towar...
A community-driven list of custom Escape rules. Test your API security with rules that automatically adapt for you.
ScriptOcalypse 🏴☠️- Nothing here… just a lot of weird ideas with a chaotic mix of lemonade, boredom, and automation that somehow work.
Lightweight CLI tool for scanning REST APIs for CORS issues, methods, and info leaks.
OWASP-Top-10-Security-Vulnerabilities-With-Node.js
An intelligent web-proxy that monitors API requests of a web application and detects API security vulnerabilities automatically.
A RESTful API brute-forcing tool in Go for ethical hacking practice. **Gobrute** is built for testing login passwords with multithreading, progress tracking, and customizable payloads, ideal for contr...
Replace, load and replay Postman collections to Burp, Zap, etc.