A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the community.
Updated Nov 30, 2024
The OWASP OFFAT tool autonomously assesses your API for prevalent vulnerabilities, though full compatibility with OAS v3 is pending. The project remains a work in progress, continuously evolving towards completion.
GraphQL automated security testing toolkit
Tests your API automatically for common API vulnerabilities. Project is still Work In Progress. PRs are appreciated.
API Penetration Testing Notes
A Swiss knife for API security testing including a docker image, some labs and resources.
A Burp Suite extension written in Kotlin that enables persistent sticky session handling in web application testing. Built with the Montoya API and modern Kotlin tooling.
Feature request system.
BOLA_Excessive_Data_Exposure_API_Pentest (Based on crAPI, my learning)