JBAhire / awesome-api-security-essentials
Awesome API Security: A Curated Collection of Resources for Bulletproof API Protection!
☆51Updated last year
Related projects ⓘ
Alternatives and complementary repositories for awesome-api-security-essentials
- A project to visualize the software supply chain☆35Updated last year
- ☆67Updated 8 months ago
- An AI-powered tool for discovering privilege escalation opportunities in AWS IAM configurations.☆96Updated last month
- Modular web-application honeypot platform built using go and gin☆54Updated 6 months ago
- Nextdoor's Cloud Security Posture Management (CSPM) Evaluation Matrix☆57Updated last year
- FlowAnalyzer is a tool to help in testing and analyzing OAuth 2.0 Flows, including OpenID Connect (OIDC).☆173Updated 4 months ago
- Clean accounts over permissions in GCP infra at scale☆71Updated last year
- A tool for scanning public or private AMIs for sensitive files and secrets. The tool follows the research made on AWS CloudQuarry where w…☆82Updated last month
- Use AI to Scan Your Code from the Command Line for security and code smells. Bring your own keys. Supports OpenAI and Gemini☆149Updated 7 months ago
- Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. …☆55Updated 4 months ago
- 🖇️ STRIDE vs. ASVS equivalence table☆75Updated 2 months ago
- Tool for obfuscating and deobfuscating data.☆63Updated 7 months ago
- Independently deploy customized honeyservices in AWS to trigger alerts on unauthorized access. It utilizes a dedicated CloudTrail for pre…☆43Updated 5 months ago
- Simple plug-and-play Github Action to block unauthorized outbound traffic (egress) in your Github workflows☆79Updated this week
- LLM Testing Findings Templates☆65Updated 8 months ago
- PEACH - a step-by-step framework for modeling and improving SaaS and PaaS tenant isolation, by managing the attack surface exposed by use…☆65Updated last year
- Vulnerability scanner for AWS customer managed policies using ChatGPT☆143Updated last year
- Static code analyser for backdoors and malicious code in git repos using OpenAI compatible LLM APIs☆69Updated 8 months ago
- Create notes during a security code review in VSCode 📝 Import your favorite SAST tool findings 🛠️ and collaborate with others 🤝☆129Updated last year
- Tools that checks for misconfigured access to Github OIDC from AWS roles and GCP service accounts☆57Updated last year
- truffleproc — hunt secrets in process memory (TruffleHog & gdb mashup)☆110Updated last year
- A public cloud security knowledgebase - https://www.secwiki.cloud/☆48Updated 8 months ago
- RedFlag uses AI to identify high-risk code changes. Run it in batch mode for release candidate testing or in CI pipelines to flag PRs and…☆140Updated last week
- Simple Workspace Attack Tool (SWAT) is a tool for simulating malicious behavior against Google Workspace in reference to the MITRE ATT&CK…☆161Updated last month
- Crawlector is a threat hunting framework designed for scanning websites for malicious objects.☆125Updated 11 months ago
- Ansible/Vagrant/Packer files to create a virtual machine with the tooling needed to perform cloud security assessments☆40Updated last month
- Nord Stream is a tool that allows you to extract secrets stored inside CI/CD environments by deploying malicious pipelines. It currently …☆251Updated 3 weeks ago
- Efficient DevSecOps☆47Updated 7 months ago
- ☆28Updated 3 months ago
- Awesome curate list of cyber security penetration testing tools for Cloud Security mainly AWS/Azure/Google☆117Updated 3 years ago