BBVA / apicheck
The DevSecOps toolset for REST APIs
☆274Updated 2 years ago
Alternatives and similar repositories for apicheck:
Users that are interested in apicheck are comparing it to the libraries listed below
- Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"☆352Updated 4 years ago
- Automate security tests using Burp Suite.☆226Updated 10 months ago
- ADAPT is a tool that performs automated Penetration Testing for WebApps.☆189Updated 5 years ago
- The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters☆102Updated last year
- A tool geared towards pentesting APIs using OpenAPI definitions.☆174Updated 2 years ago
- An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.☆179Updated 2 weeks ago
- A starter secure code review checklist☆182Updated 6 years ago
- Security Testing is not as simple as right click > Scan. It's messy, a tough game. What if you had missed to test just that one thing and…☆273Updated 7 months ago
- Burp-Automator: A Burp Suite Automation Tool with Slack Integration. It can be used with Jenkins and Selenium to automate Dynamic Applica…☆481Updated 6 years ago
- A simple web app that helps developers understand the ASVS requirements.☆157Updated 2 months ago
- A pytest-inspired, DAST framework, capable of identifying vulnerabilities in a distributed, micro-service ecosystem through chaos enginee…☆220Updated 11 months ago
- Hayat is a script for report and analyze Google Cloud Platform resources.☆80Updated 5 years ago
- OWASP Cloud Security - Enabling conversations through threat and control stories☆180Updated 6 years ago
- 🏰 A Python script for AWS S3 bucket enumeration.☆142Updated 2 years ago
- Container Security Verification Standard☆58Updated 5 years ago
- vulnerable single sign on☆147Updated 8 months ago
- drHEADer helps with the audit of security headers received in response to a single request or a list of requests.☆110Updated 3 months ago
- A unified DevSecOps Framework that allows you to go from iterative, collaborative Threat Modeling to Application Security Test Orchestrat…☆279Updated 3 weeks ago
- Finding exposed secrets and personal data in GitLab☆197Updated 5 months ago
- Imperva's customizable API attack tool takes an API specification as an input, generates and runs attacks that are based on it as an outp…☆472Updated last year
- Find cloud assets that no one wants exposed 🔎 ☁️☆341Updated 4 years ago
- AWS Extender (Cloud Storage Tester) is a Burp plugin to assess permissions of cloud storage containers on AWS, Google Cloud and Azure.☆249Updated 3 years ago
- The clever vulnerability dependency finder☆96Updated 2 years ago
- A Burp plugin to export findings to DefectDojo☆30Updated last year
- Desktop variant of OWASP Threat Dragon☆77Updated 3 years ago
- Collection of links to Security stuff☆115Updated 4 months ago
- DEPRECATED, please use the new repository from OWASP: https://github.com/OWASP/raider☆139Updated 3 years ago
- ☆173Updated 2 years ago
- Python API library for DefectDojo☆41Updated 2 years ago
- ☆123Updated last year