OWASP / crAPI
completely ridiculous API (crAPI)
☆1,119Updated this week
Related projects ⓘ
Alternatives and complementary repositories for crAPI
- Vulnerable REST API with OWASP top 10 vulnerabilities for security testing☆928Updated 3 months ago
- vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios through Exercises.☆1,178Updated last year
- Organize your API security assessment by using MindAPI. It's free and open for community collaboration.☆823Updated last month
- Damn Vulnerable Web Services is a vulnerable application with a web service and an API that can be used to learn about webservices/API re…☆455Updated last month
- ☆354Updated 2 years ago
- A OWASP Based Checklist With 500+ Test Cases☆641Updated 2 years ago
- Contextual Content Discovery Tool☆2,655Updated 6 months ago
- A wordlist of API names for web application assessments☆760Updated last year
- Extract URLs, paths, secrets, and other interesting bits from JavaScript☆1,421Updated 5 months ago
- ☆1,019Updated last week
- Burp Suite Certified Practitioner Exam Study☆920Updated 3 weeks ago
- An easy-to-setup version of XSS Hunter. Sets up in five minutes and requires no maintenance!☆1,621Updated 8 months ago
- Automated & Manual Wordlists provided by Assetnote☆1,325Updated 3 months ago
- This is a collection of writeups, cheatsheets, videos, books related to SSRF in one single location☆1,225Updated 3 years ago
- ☆930Updated 9 months ago
- PeTeReport is an open-source application vulnerability reporting tool.☆470Updated 5 months ago
- A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the communit…☆3,072Updated 2 months ago
- ☆581Updated this week
- 🎯 XML External Entity (XXE) Injection Payload List☆1,097Updated 4 months ago
- The Web Security Testing Guide (WSTG) Project produces the premier cybersecurity testing resource for web application developers and secu…☆448Updated 3 weeks ago
- ☆738Updated last week
- Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3☆1,819Updated 10 months ago
- PwnFox is a Firefox/Burp extension that provide usefull tools for your security audit.☆1,062Updated 3 months ago
- OWASP based Web Application Security Testing Checklist is an Excel based checklist which helps you to track the status of completed and p…☆1,508Updated last year
- ☆523Updated 3 years ago
- ☆1,579Updated last month
- GraphQLmap is a scripting engine to interact with a graphql endpoint for pentesting purposes. - Do not use for illegal testing ;)☆1,391Updated 8 months ago
- A collection of special paths linked to common sensitive APIs, devops internals, frameworks conf, known misconfigurations, juicy APIs ..e…☆935Updated 4 months ago
- A python tool used to discover endpoints, potential parameters, and a target specific wordlist for a given target☆1,204Updated 4 months ago
- GF Paterns For (ssrf,RCE,Lfi,sqli,ssti,idor,url redirection,debug_logic, interesting Subs) parameters grep☆1,218Updated 2 months ago