Topic: "api-security-testing"
nemesida-waf/waf-bypass
Check your WAF before an attacker does
Language: Python - Size: 729 KB - Last synced at: about 16 hours ago - Pushed at: 1 day ago - Stars: 1,372 - Forks: 173

akto-api-security/akto
Proactive, Open source API security → API discovery, API Security Posture, Testing in CI/CD, Test Library with 1000+ Tests, Add custom tests, Sensitive data exposure
Language: Java - Size: 241 MB - Last synced at: 4 days ago - Pushed at: 4 days ago - Stars: 1,285 - Forks: 244

OWASP/OFFAT
The OWASP OFFAT tool autonomously assesses your API for prevalent vulnerabilities, though full compatibility with OAS v3 is pending. The project remains a work in progress, continuously evolving towards completion.
Language: Python - Size: 11.7 MB - Last synced at: 9 days ago - Pushed at: 9 days ago - Stars: 628 - Forks: 84

cerberauth/vulnapi
API Security Vulnerability Scanner designed to help you secure your APIs.
Language: Go - Size: 2.85 MB - Last synced at: 7 days ago - Pushed at: 7 days ago - Stars: 140 - Forks: 16

abunuwas/fencer
Automated API security testing
Language: Python - Size: 381 KB - Last synced at: 18 days ago - Pushed at: 10 months ago - Stars: 85 - Forks: 13

akto-api-security/tests-library
Community generated list of API security tests to find OWASP top10, HackerOne top 10 vulnerabilities
Size: 293 MB - Last synced at: 2 days ago - Pushed at: 2 days ago - Stars: 37 - Forks: 34

Traceableai/ast-action
GitHub action to run Traceable Active Security Testing in GitHub workflows
Size: 28.5 MB - Last synced at: 4 days ago - Pushed at: 9 months ago - Stars: 4 - Forks: 1

owasp-offat/offat
The OWASP OFFAT tool autonomously assesses your API for prevalent vulnerabilities, though full compatibility with OAS v3 is pending. The project remains a work in progress, continuously evolving towards completion.
Language: Go - Size: 2.78 MB - Last synced at: 7 months ago - Pushed at: 7 months ago - Stars: 2 - Forks: 1

Escape-Technologies/escape-rules
A community-driven list of custom Escape rules. Test your API security with rules that automatically adapt for you.
Size: 36.1 KB - Last synced at: 3 months ago - Pushed at: about 1 year ago - Stars: 2 - Forks: 0

Presh-Cyber/ScriptOcalypse
ScriptOcalypse 🏴☠️- Nothing here… just a lot of weird ideas with a chaotic mix of lemonade, boredom, and automation that somehow work.
Language: Python - Size: 4.88 KB - Last synced at: 3 months ago - Pushed at: 3 months ago - Stars: 1 - Forks: 0

darmado/repl
Modify, load and replay Postman collections through any proxy tool.
Language: Python - Size: 381 KB - Last synced at: 3 months ago - Pushed at: 3 months ago - Stars: 0 - Forks: 0

lunzai/gobrute
A RESTful API brute-forcing tool in Go for ethical hacking practice. **Gobrute** is built for testing login passwords with multithreading, progress tracking, and customizable payloads, ideal for controlled environments like OWASP Juice Shop.
Language: Go - Size: 8.79 KB - Last synced at: about 2 months ago - Pushed at: 7 months ago - Stars: 0 - Forks: 0

0b1000Legs/SpyderByte
An intelligent web-proxy that monitors API requests of a web application and detects API security vulnerabilities automatically.
Language: Python - Size: 42 KB - Last synced at: 5 days ago - Pushed at: over 1 year ago - Stars: 0 - Forks: 0
