JBAhire / awesome-api-security-essentialsLinks
Awesome API Security: A Curated Collection of Resources for Bulletproof API Protection!
☆58Updated last year
Alternatives and similar repositories for awesome-api-security-essentials
Users that are interested in awesome-api-security-essentials are comparing it to the libraries listed below
Sorting:
- A project to visualize the software supply chain☆51Updated last year
- Clean accounts over permissions in GCP infra at scale☆71Updated 2 years ago
- ☆111Updated 2 years ago
- Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. …☆65Updated this week
- Modular web-application honeypot platform built using go and gin☆58Updated last year
- ☆73Updated 3 months ago
- 🖇️ STRIDE vs. ASVS equivalence table☆76Updated 10 months ago
- Crawlector is a threat hunting framework designed for scanning websites for malicious objects.☆126Updated last year
- EZGHSA is a command-line tool for summarizing and filtering vulnerability alerts on Github repositories.☆35Updated 6 months ago
- truffleproc — hunt secrets in process memory (TruffleHog & gdb mashup)☆119Updated last year
- PWN is an open security automation framework that aims to stand on the shoulders of security giants, promoting trust and innovation.☆53Updated 3 weeks ago
- Simple plug-and-play Github Action to block unauthorized outbound traffic (egress) in your Github workflows☆110Updated this week
- FlowAnalyzer is a tool to help in testing and analyzing OAuth 2.0 Flows, including OpenID Connect (OIDC).☆179Updated 11 months ago
- Nuclei plugins to audit Chrome extensions☆65Updated 11 months ago
- Tool for obfuscating and deobfuscating data.☆70Updated last year
- LLM Testing Findings Templates☆72Updated last year
- RedFlag uses AI to identify high-risk code changes. Run it in batch mode for release candidate testing or in CI pipelines to flag PRs and…☆149Updated 7 months ago
- Efficient DevSecOps☆47Updated 7 months ago
- Static code analyser for backdoors and malicious code in git repos using OpenAI compatible LLM APIs☆73Updated last year
- 🧪 Correlate Semgrep scans with Python test coverage to prioritize SAST findings and get bug fix suggestions via a self-hosted LLM.☆39Updated 6 months ago
- Find which of your direct GitHub dependencies is susceptible to RepoJacking attacks☆58Updated 3 years ago
- Tools that checks for misconfigured access to Github OIDC from AWS roles and GCP service accounts☆61Updated 2 years ago
- Create notes during a security code review in VSCode 📝 Import your favorite SAST tool findings 🛠️ and collaborate with others 🤝☆133Updated 2 months ago
- ☆184Updated 2 months ago
- Semgrep-based Policy Controller for Kubernetes☆47Updated 2 months ago
- Pentester-focused Docker registry tool to enumerate and pull images☆21Updated 2 months ago
- A tool for quickly evaluating IAM permissions in AWS.☆73Updated last year
- A Golang library for interacting with the EPSS (Exploit Prediction Scoring System).☆28Updated 4 months ago
- ☆179Updated 2 months ago
- Use AI to Scan Your Code from the Command Line for security and code smells. Bring your own keys. Supports OpenAI and Gemini☆173Updated 2 months ago