KissPeter / APIFuzzer
Fuzz test your application using your OpenAPI or Swagger API definition without coding
☆417Updated 2 months ago
Related projects: ⓘ
- A pytest-inspired, DAST framework, capable of identifying vulnerabilities in a distributed, micro-service ecosystem through chaos enginee…☆205Updated 4 months ago
- OpenAPI 2.0 (Swagger) fuzzer written in python. Basically TnT for your API.☆109Updated last year
- Semgrep rules registry☆772Updated this week
- REST API Fuzz Testing (RAFT): Source code for self-hosted service developed for Azure, including the API, orchestration engine, and defau…☆262Updated 2 years ago
- API Fuzzer which allows to fuzz request attributes using common pentesting techniques and lists vulnerabilities☆384Updated 7 years ago
- RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security…☆2,561Updated 3 months ago
- Tool to check for dependency confusion vulnerabilities in multiple package management systems☆687Updated last month
- Imperva's customizable API attack tool takes an API specification as an input, generates and runs attacks that are based on it as an outp…☆451Updated last year
- ☆286Updated this week
- GraphQL automated security testing toolkit☆296Updated 7 months ago
- Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and its dependenci…☆790Updated last year
- Security Auditor Utility for GraphQL APIs☆346Updated last week
- ClusterFuzzLite - Simple continuous fuzzing that runs in CI.☆454Updated 3 months ago
- Automated API security testing☆78Updated last month
- GraphQL threat framework used by security professionals to research security gaps in GraphQL implementations☆274Updated 9 months ago
- graphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology…☆542Updated last week
- Generic SAST Library☆123Updated 2 months ago
- Simple fuzzer for OpenAPI 3 specification based APIs☆21Updated last year
- Black-box fuzzer that fuzzes APIs based on OpenAPI specification. Find bugs for free!☆533Updated 7 months ago
- Finding potential software vulnerabilities from git commit messages☆390Updated 11 months ago
- GraphQL security auditing script with a focus on performing batch GraphQL queries and mutations☆361Updated last year
- Vulnerability Scan with Nuclei☆238Updated last month
- InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable…☆1,521Updated 2 months ago
- A source code static analysis platform for AppSec enthusiasts.☆199Updated this week
- A built-to-be-vulnerable API application based on the OWASP top 10 API vulnerabilities. Use c{api}tal to learn, train and exploit API Sec…☆269Updated 5 months ago
- Black box fuzzer for web applications☆395Updated 2 months ago
- Fully open-source SAST scanner supporting a range of languages and frameworks. Integrates with major CI pipelines and IDE such as Azure D…☆145Updated 4 years ago
- A Pythonic framework for threat modeling☆892Updated last month
- PyJFuzz - Python JSON Fuzzer☆374Updated last year
- Coverage-based fuzzer for python applications☆231Updated last year