I was searching for such resource to work as cheat sheet series and guide me through different attack scenarios for API attacks, didn’t find one, so decided to create it. We will have a reference of OWASP Top 10 project besides some other attacks that weren’t mentioned in the top 10 project.
☆15May 5, 2025Updated last year
Alternatives and similar repositories for AwesomeAPIAttacksCheatsheet
Users that are interested in AwesomeAPIAttacksCheatsheet are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- CyberPreacher cloud project collection☆16Dec 21, 2025Updated 4 months ago
- A tool to search, find, and download official App Store IPA files, including past versions and tvOS versions. With a Web UI to interact w…☆23Mar 7, 2026Updated 2 months ago
- Project 5 - Capstone Project The purpose of the Cloud DevOps Engineer capstone project is to give you a chance to combine what you've lea…☆17Apr 25, 2020Updated 6 years ago
- powerfull pentesting tool to checking email by smtp command☆10Feb 29, 2024Updated 2 years ago
- Gampung tools for find nuclei template from github☆12Sep 6, 2023Updated 2 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Additional Material for the Mobile Forensics Course☆18Jul 10, 2020Updated 5 years ago
- Contains the source code for the software API to interface to the IMechE FS-AI ADS-DV using Linux SocketCAN.☆29Jul 21, 2021Updated 4 years ago
- Python utility for parsing Maui AssemblyStore blob file☆40Apr 14, 2025Updated last year
- ☆10Nov 7, 2022Updated 3 years ago
- ☆18Jul 11, 2025Updated 9 months ago
- My Obsidian Personal Knowledge Management System (Deployed with Zola + Netlify)☆15Jun 27, 2022Updated 3 years ago
- ☆14Oct 14, 2022Updated 3 years ago
- ☆14Jun 19, 2024Updated last year
- Paramix is a command-line tool for modifying the parameters of a list of URLs from stdin and returns them in stdout.☆17Aug 23, 2024Updated last year
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- GromHacks Labs -- The payload lists they don't want you to have. 1,324 injection probes beamed down from the mothership to detect what's …☆34Apr 12, 2026Updated 3 weeks ago
- A GUI version of yt-dlp built in PyQt5 to make it easier to use.☆11Sep 17, 2023Updated 2 years ago
- Apache Airflow < 2.4.0 DAG example_bash_operator RCE POC☆41Nov 19, 2022Updated 3 years ago
- This script will bruteforce the credential of tomcat manager or host-manager☆35Jun 24, 2020Updated 5 years ago
- Go script to guess an API key / OAuth token found during pentest. CLI version of https://github.com/daffainfo/apiguesser-web/☆45Aug 28, 2022Updated 3 years ago
- Stay on the beat with SubHound - receive notifications for new subdomains on Telegram and Discord! 🐶🎵☆17Jun 4, 2023Updated 2 years ago
- ☆16Aug 25, 2021Updated 4 years ago
- Contains all the scripts and sample apps related to android in app protections.☆42Apr 19, 2026Updated 2 weeks ago
- A repository with various tutorials on how to do things in Pentesting, setup environments and other things☆21Apr 26, 2025Updated last year
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- a burp extension for dynamic payload generation to detect injection flaws (RCE, LFI, SQLi), creates access matrix based user sessions to …☆30Oct 21, 2025Updated 6 months ago
- ☆12Jan 30, 2025Updated last year
- ☆23Mar 3, 2020Updated 6 years ago
- A lightweight Python-based tool to extract and enumerate Android components and automatically generate practical ADB commands☆113Jun 14, 2025Updated 10 months ago
- An ongoing & curated collection of awesome web vulnerability - Server-side request forgery software practices and remediation, libraries…☆24Feb 22, 2022Updated 4 years ago
- ☆13Jul 8, 2020Updated 5 years ago
- My notes on PentesterLab's Bootcamp series 🕵️☆47Oct 17, 2023Updated 2 years ago
- ☆20Mar 4, 2025Updated last year
- ☆20May 28, 2024Updated last year
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- 🚀 CSRFShark - a utility for manipulating cross-site request forgery attacks☆36Sep 12, 2023Updated 2 years ago
- OSINT tool abusing SecurityTrails domain suggestion API to find potentially related domains by keyword and brute force.☆26Mar 10, 2023Updated 3 years ago
- github pages repository☆13Nov 29, 2025Updated 5 months ago
- ☆30Jul 5, 2023Updated 2 years ago
- zwatcher is a lightweight bash script for monitoring sub/domains or a list of sub/domains and javascript files. It compares HTTP status c…☆21Nov 23, 2025Updated 5 months ago
- JsValidator is a tool created for validating the JS files after crawlling it from waybackurls☆20Mar 13, 2023Updated 3 years ago
- Random Tips and Writeups.☆15Feb 21, 2019Updated 7 years ago