OWASP / OFFATLinks
The OWASP OFFAT tool autonomously assesses your API for prevalent vulnerabilities, though full compatibility with OAS v3 is pending. The project remains a work in progress, continuously evolving towards completion.
☆653Updated last month
Alternatives and similar repositories for OFFAT
Users that are interested in OFFAT are comparing it to the libraries listed below
Sorting:
- Header Exploitation HTTP☆671Updated last week
- AI-powered ffuf wrapper☆547Updated 11 months ago
- Misconfig Mapper is a fast tool to help you uncover security misconfigurations on popular third-party services used by your company and/o…☆832Updated this week
- SessionProbe is a multi-threaded tool designed for penetration testing and bug bounty hunting. It evaluates user privileges in web applic…☆461Updated last year
- API Pentesting Tools are specialized security tools used to test and analyze the security of Application Programming Interfaces (APIs).☆224Updated 7 months ago
- API Security Vulnerability Scanner designed to help you secure your APIs.☆217Updated this week
- SubDominator helps you discover subdomains associated with a target domain efficiently and with minimal impact for your Bug Bounty☆681Updated 5 months ago
- Damn Vulnerable Restaurant is an intentionally vulnerable Web API game for learning and training purposes dedicated to developers, ethica…☆866Updated 2 weeks ago
- Pen Test Report Generation and Assessment Collaboration☆570Updated last week
- A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.☆704Updated last month
- Find CVEs associated to Linux and public exploits on github☆119Updated 6 months ago
- A powerful scanner to scan your Filesystem, S3, MySQL, Redis, Google Cloud Storage and Firebase storage for PII and sensitive data.☆453Updated last week
- Pentest Report Generator☆433Updated 2 weeks ago
- RedCloudOS is a Cloud Adversary Simulation Operating System for Red Teams to assess the Cloud Security of Leading Cloud Service Providers…☆668Updated last year
- This repo tries to explain complex security vulnerabilities in simple terms that even a five-year-old can understand!☆369Updated 2 years ago
- The Distributed Scanning Framework for Everybody! Control Your Infrastructure, Scale Your Scanning-On Your Terms. Easily distribute arbit…☆651Updated 2 months ago
- A OWASP Based Checklist With 500+ Test Cases☆803Updated 3 years ago
- AllForOne allows bug bounty hunters and security researchers to collect all Nuclei YAML templates from various public repositories,☆721Updated last year
- This script automates SQL injection testing using SQLMap with AI-powered decision making.☆375Updated 2 months ago
- Web Security Scanner☆340Updated last month
- A fuzzer for finding anomalies and analyzing how servers respond to different HTTP headers☆353Updated last year
- BucketLoot is an automated S3-compatible bucket inspector that can help users extract assets, flag secret exposures and even search for c…☆432Updated 9 months ago
- HTTP 403 bypass tool☆602Updated last year
- Burp Suite Certified Practitioner Exam Study☆1,218Updated last week
- Mantis is a security framework that automates the workflow of discovery, reconnaissance, and vulnerability scanning.☆1,007Updated 7 months ago
- A deliberately vulnerable banking application designed for practicing Security Testing of Web App, APIs, AI integrated App and secure cod…☆441Updated 3 weeks ago
- Ultimate Burp Suite Exam and PortSwigger Labs Guide.☆322Updated 2 months ago
- A suite for hunting suspicious targets, expose domains and phishing discovery☆372Updated 2 months ago
- This Repositories contains list of One Liners with Descriptions and Installation requirements☆494Updated 4 months ago
- ☆505Updated last year