OWASP / OFFATLinks
The OWASP OFFAT tool autonomously assesses your API for prevalent vulnerabilities, though full compatibility with OAS v3 is pending. The project remains a work in progress, continuously evolving towards completion.
☆629Updated this week
Alternatives and similar repositories for OFFAT
Users that are interested in OFFAT are comparing it to the libraries listed below
Sorting:
- Header Exploitation HTTP☆508Updated last week
- SessionProbe is a multi-threaded tool designed for penetration testing and bug bounty hunting. It evaluates user privileges in web applic …☆450Updated last year
- A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.☆655Updated last month
- AI-powered ffuf wrapper☆492Updated 6 months ago
- Subprober is a powerful and efficient subdomain scanning tool written in Python. With the ability to handle large lists of subdomains. Th…☆252Updated 3 weeks ago
- TInjA is a CLI tool for testing web pages for template injection vulnerabilities and supports 44 of the most relevant template engines fo…☆356Updated 3 weeks ago
- API Security Vulnerability Scanner designed to help you secure your APIs.☆143Updated this week
- A fast WordPress plugin enumeration tool☆438Updated last week
- LFI-FINDER is an open-source tool available on GitHub that focuses on detecting Local File Inclusion (LFI) vulnerabilities☆294Updated last year
- ☆312Updated last year
- ☆204Updated last year
- Web Security Scanner☆317Updated last year
- Pen Test Report Generation and Assessment Collaboration☆526Updated last week
- TerminatorZ is a highly sophisticated and efficient web security tool that scans for top potential vulnerabilities with known CVEs in you…☆277Updated 8 months ago
- Misconfig Mapper is a fast tool to help you uncover security misconfigurations on popular third-party services used by your company and/o…☆731Updated 2 weeks ago
- A simple tool for bypassing file upload restrictions.☆853Updated 10 months ago
- A powerful scanner to scan your Filesystem, S3, MySQL, Redis, Google Cloud Storage and Firebase storage for PII and sensitive data.☆365Updated 3 weeks ago
- Local File Inclusion discovery and exploitation tool☆310Updated 5 months ago
- SubDominator helps you discover subdomains associated with a target domain efficiently and with minimal impact for your Bug Bounty☆610Updated 2 weeks ago
- Simple tool to scan a website for (DOM-based) XSS vulnerabilities and Open Redirects.☆240Updated 3 months ago
- Automation tool to testing and confirm the xss vulnerability.☆246Updated 2 months ago
- Damn Vulnerable Restaurant is an intentionally vulnerable Web API game for learning and training purposes dedicated to developers, ethica…☆693Updated 2 months ago
- ☆540Updated last year
- ShodanX is a tool to gather information of targets using shodan dorks⚡.☆403Updated 3 weeks ago
- Websec interview questions by tib3rius answered☆309Updated last year
- This Repositories contains list of One Liners with Descriptions and Installation requirements☆483Updated last month
- Lightning-fast passive subdomain discovery tool for security professionals and bug bounty hunters.☆335Updated 3 weeks ago
- IDOR Forge is an advanced and versatile tool designed to detect Insecure Direct Object Reference (IDOR) vulnerabilities in web applicatio…☆136Updated 2 weeks ago
- Nuclei-AI-Prompts☆197Updated last week
- Automated Tool for Testing Header Based Blind SQL Injection☆280Updated last year