BBVA / apicheck
The DevSecOps toolset for REST APIs
☆274Updated 2 years ago
Alternatives and similar repositories for apicheck:
Users that are interested in apicheck are comparing it to the libraries listed below
- Automate security tests using Burp Suite.☆225Updated 8 months ago
- A tool geared towards pentesting APIs using OpenAPI definitions.☆174Updated 2 years ago
- Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"☆348Updated 4 years ago
- The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters☆101Updated last year
- A simple web app that helps developers understand the ASVS requirements.☆157Updated this week
- Security Testing is not as simple as right click > Scan. It's messy, a tough game. What if you had missed to test just that one thing and…☆272Updated 6 months ago
- Find cloud assets that no one wants exposed 🔎 ☁️☆335Updated 4 years ago
- Container Security Verification Standard☆58Updated 5 years ago
- Mobile Security testing Framework☆41Updated 6 years ago
- The Secure Coding Framework☆268Updated 4 years ago
- Imperva's customizable API attack tool takes an API specification as an input, generates and runs attacks that are based on it as an outp…☆468Updated last year
- Burp-Automator: A Burp Suite Automation Tool with Slack Integration. It can be used with Jenkins and Selenium to automate Dynamic Applica…☆481Updated 6 years ago
- secretz, minimizing the large attack surface of Travis CI☆325Updated 2 years ago
- ADAPT is a tool that performs automated Penetration Testing for WebApps.☆189Updated 5 years ago
- A step-by-step walkthrough of CloudGoat 2.0 scenarios.☆134Updated 4 years ago
- An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.☆179Updated this week
- vulnerable single sign on☆147Updated 7 months ago
- A pytest-inspired, DAST framework, capable of identifying vulnerabilities in a distributed, micro-service ecosystem through chaos enginee…☆220Updated 9 months ago
- Fast and stealthy Amazon S3 bucket enumeration tool for pentesters.☆242Updated last month
- drHEADer helps with the audit of security headers received in response to a single request or a list of requests.☆110Updated last month
- All-in-one tool for managing vulnerability reports from AppSec pipelines☆105Updated 2 years ago
- A better version of my xssfinder tool - scans for different types of xss on a list of urls.☆186Updated 5 years ago
- Weaponizing Live CT logs for automated monitoring of assets☆132Updated 3 years ago
- OWASP Cloud Security - Enabling conversations through threat and control stories☆179Updated 6 years ago
- Benchmarking repo for secrets scanning☆230Updated 6 months ago
- ☆173Updated 2 years ago
- 🏰 A Python script for AWS S3 bucket enumeration.☆140Updated 2 years ago
- Interactive IPython Notebook to demonstrate OWASP ZAP's API and Scripting Functions - OWASP ZAP 2.8.0☆41Updated 2 years ago
- 🧮 An online calculator to assess the risk of web vulnerabilities based on OWASP Risk Assessment☆156Updated 3 years ago
- DEPRECATED, please use the new repository from OWASP: https://github.com/OWASP/raider☆138Updated 3 years ago