BBVA / apicheck
The DevSecOps toolset for REST APIs
☆272Updated 2 years ago
Alternatives and similar repositories for apicheck:
Users that are interested in apicheck are comparing it to the libraries listed below
- Automate security tests using Burp Suite.☆224Updated 7 months ago
- The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters☆99Updated last year
- Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"☆349Updated 4 years ago
- A tool geared towards pentesting APIs using OpenAPI definitions.☆172Updated 2 years ago
- vulnerable single sign on☆147Updated 5 months ago
- Imperva's customizable API attack tool takes an API specification as an input, generates and runs attacks that are based on it as an outp…☆464Updated last year
- Static security checker for Dockerfiles☆93Updated 10 months ago
- OWASP Cloud Security - Enabling conversations through threat and control stories☆178Updated 6 years ago
- A unified DevSecOps Framework that allows you to go from iterative, collaborative Threat Modeling to Application Security Test Orchestrat…☆277Updated last month
- ADAPT is a tool that performs automated Penetration Testing for WebApps.☆187Updated 5 years ago
- Burp-Automator: A Burp Suite Automation Tool with Slack Integration. It can be used with Jenkins and Selenium to automate Dynamic Applica…☆480Updated 6 years ago
- The Secure Coding Framework☆265Updated 4 years ago
- Container Security Verification Standard☆57Updated 5 years ago
- An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.☆177Updated 2 months ago
- Find cloud assets that no one wants exposed 🔎 ☁️☆334Updated 4 years ago
- 🏰 A Python script for AWS S3 bucket enumeration.☆140Updated 2 years ago
- Desktop variant of OWASP Threat Dragon☆77Updated 3 years ago
- DEPRECATED, please use the new repository from OWASP: https://github.com/OWASP/raider☆138Updated 3 years ago
- GraphQL security testing tool☆120Updated 2 years ago
- AWS Extender (Cloud Storage Tester) is a Burp plugin to assess permissions of cloud storage containers on AWS, Google Cloud and Azure.☆245Updated 2 years ago
- Damn Vulnerable Java (EE) Application☆133Updated last year
- Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.☆612Updated 5 years ago
- A starter secure code review checklist☆180Updated 6 years ago
- A simple web app that helps developers understand the ASVS requirements.☆156Updated 10 months ago
- Web app authorisation coverage scanning☆236Updated last year
- Finding exposed secrets and personal data in GitLab☆195Updated 2 months ago
- API Fuzzer which allows to fuzz request attributes using common pentesting techniques and lists vulnerabilities☆389Updated 7 years ago
- A pytest-inspired, DAST framework, capable of identifying vulnerabilities in a distributed, micro-service ecosystem through chaos enginee…☆217Updated 8 months ago
- vulnerable OAuth 2.0 applications: understand the security implications of your OAuth 2.0 decisions.☆308Updated 10 months ago
- Mixeway is security orchestrator for vulnerability scanners which enable easy plug in integration with CICD pipelines. MixewayHub project…☆109Updated 10 months ago