KissPeter / APIFuzzer
Fuzz test your application using your OpenAPI or Swagger API definition without coding
☆442Updated last month
Alternatives and similar repositories for APIFuzzer:
Users that are interested in APIFuzzer are comparing it to the libraries listed below
- A pytest-inspired, DAST framework, capable of identifying vulnerabilities in a distributed, micro-service ecosystem through chaos enginee…☆220Updated 11 months ago
- OpenAPI 2.0 (Swagger) fuzzer written in python. Basically TnT for your API.☆111Updated 2 years ago
- REST API Fuzz Testing (RAFT): Source code for self-hosted service developed for Azure, including the API, orchestration engine, and defau…☆263Updated 3 years ago
- Semgrep Community Edition rules, maintained by Semgrep and the community. Free to use under the Semgrep Rules License.☆895Updated this week
- RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security…☆2,713Updated last week
- ClusterFuzzLite - Simple continuous fuzzing that runs in CI.☆476Updated 4 months ago
- API Fuzzer which allows to fuzz request attributes using common pentesting techniques and lists vulnerabilities☆393Updated 7 years ago
- Grammar-based HTTP/1 fuzzer with mutation ability☆250Updated 5 months ago
- ☆189Updated 5 months ago
- Imperva's customizable API attack tool takes an API specification as an input, generates and runs attacks that are based on it as an outp…☆472Updated last year
- GitHub Satellite 2020 workshops on finding security vulnerabilities with CodeQL for Java/JavaScript.☆210Updated 6 months ago
- Tool to check for dependency confusion vulnerabilities in multiple package management systems☆718Updated 8 months ago
- GraphQL threat framework used by security professionals to research security gaps in GraphQL implementations☆305Updated last year
- Fully open-source SAST scanner supporting a range of languages and frameworks. Integrates with major CI pipelines and IDE such as Azure D…☆148Updated 4 years ago
- Vulnerability Scan with Nuclei☆253Updated 5 months ago
- InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable…☆1,613Updated last week
- Companion labs to "An Exploration of JSON Interoperability Vulnerabilities"☆203Updated 2 years ago
- Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and its dependenci…☆837Updated last year
- Automated API security testing☆85Updated 8 months ago
- GraphQL security auditing script with a focus on performing batch GraphQL queries and mutations☆385Updated 2 years ago
- Simple fuzzer for OpenAPI 3 specification based APIs☆22Updated 2 years ago
- Finding potential software vulnerabilities from git commit messages☆411Updated last year
- NoSql Injection CLI tool, for finding vulnerable websites using MongoDB.☆378Updated 3 years ago
- Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.1, purl, and vers…☆114Updated last week
- Generic SAST Library☆131Updated 5 months ago
- grep rough audit - source code auditing tool☆1,601Updated 4 months ago
- Security Auditor Utility for GraphQL APIs☆450Updated 2 months ago
- graphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology…☆621Updated last week
- An API security tool to capture and analyze API traffic, test API endpoints, reconstruct Open API specification, and identify API securit…☆531Updated 6 months ago
- Fuzzapi is a tool used for REST API pentesting and uses API_Fuzzer gem☆653Updated 4 years ago