KissPeter / APIFuzzer
Fuzz test your application using your OpenAPI or Swagger API definition without coding
☆441Updated last week
Alternatives and similar repositories for APIFuzzer:
Users that are interested in APIFuzzer are comparing it to the libraries listed below
- A pytest-inspired, DAST framework, capable of identifying vulnerabilities in a distributed, micro-service ecosystem through chaos enginee…☆220Updated 10 months ago
- OpenAPI 2.0 (Swagger) fuzzer written in python. Basically TnT for your API.☆111Updated 2 years ago
- Semgrep rules registry☆871Updated this week
- REST API Fuzz Testing (RAFT): Source code for self-hosted service developed for Azure, including the API, orchestration engine, and defau…☆263Updated 3 years ago
- API Fuzzer which allows to fuzz request attributes using common pentesting techniques and lists vulnerabilities☆392Updated 7 years ago
- Imperva's customizable API attack tool takes an API specification as an input, generates and runs attacks that are based on it as an outp…☆469Updated last year
- RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security…☆2,686Updated last week
- Black-box fuzzer that fuzzes APIs based on OpenAPI specification. Find bugs for free!☆557Updated last year
- Grammar-based HTTP/1 fuzzer with mutation ability☆247Updated 4 months ago
- Tool to check for dependency confusion vulnerabilities in multiple package management systems☆714Updated 6 months ago
- PyJFuzz - Python JSON Fuzzer☆377Updated last year
- ☆182Updated 4 months ago
- Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and its dependenci…☆832Updated last year
- Coverage-guided, in-process fuzzing for the JVM☆1,087Updated 3 weeks ago
- Simple fuzzer for OpenAPI 3 specification based APIs☆22Updated 2 years ago
- GraphQL automated security testing toolkit☆312Updated last year
- Find regular expressions which are vulnerable to ReDoS (Regular Expression Denial of Service)☆803Updated last year
- ClusterFuzzLite - Simple continuous fuzzing that runs in CI.☆471Updated 3 months ago
- GraphQL security auditing script with a focus on performing batch GraphQL queries and mutations☆380Updated 2 years ago
- Companion labs to "An Exploration of JSON Interoperability Vulnerabilities"☆201Updated 2 years ago
- A set of Python command line tools for working with SARIF files produced by code analysis tools☆103Updated 2 months ago
- Issues with WebSocket reverse proxying allowing to smuggle HTTP requests☆350Updated 6 months ago
- A source code static analysis platform for AppSec enthusiasts.☆236Updated 3 weeks ago
- Security Auditor Utility for GraphQL APIs☆430Updated 3 weeks ago
- Vulnerability Scan with Nuclei☆249Updated 3 months ago
- CATS is a REST API Fuzzer and negative testing tool for OpenAPI endpoints. CATS automatically generates, runs and reports tests with min…☆1,250Updated last week
- GraphQL threat framework used by security professionals to research security gaps in GraphQL implementations☆302Updated last year
- Automated API security testing☆85Updated 7 months ago
- Semgrep queries developed by Trail of Bits.�☆386Updated last week
- InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable…☆1,595Updated this week