π Join us for 30days of daily API security tests. #30days30tests We've spent last 120days building amazing API security tests for the community. Next 30 days we will post test tutorials here.
β220May 22, 2023Updated 2 years ago
Alternatives and similar repositories for 30-API-security-tests
Users that are interested in 30-API-security-tests are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- API-Pentesting-Checklistβ25Feb 27, 2023Updated 3 years ago
- Proactive, Open source API security β API discovery, API Security Posture, Testing in CI/CD, Test Library with 1000+ Tests, Add custom teβ¦β1,455Updated this week
- A simple Burp Suite extension to crawl JavaScript (JS) files in passive mode and display the results directly on the issuesβ374Jul 25, 2023Updated 2 years ago
- User-Agent , X-Forwarded-For and Referer SQLI Fuzzerβ384May 19, 2023Updated 2 years ago
- β15May 6, 2023Updated 2 years ago
- Wordpress hosting with auto-scaling on Cloudways β’ AdFully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
- Community generated list of API security tests to find OWASP top10, HackerOne top 10 vulnerabilitiesβ41Updated this week
- Authorization-Nuclei-Templatesβ39Sep 16, 2024Updated last year
- Mind-Maps of Several Thingsβ2,632Jun 29, 2023Updated 2 years ago
- Burp Extension to find potential endpoints, parameters, and generate a custom target wordlistβ1,503Jan 8, 2026Updated 2 months ago
- A listing of the most common vuln that you can link in your PoCsβ28Oct 27, 2018Updated 7 years ago
- The motive to build this repo is to help beginner to start learn Android Pentesting by providing a roadmap.β439Jul 11, 2022Updated 3 years ago
- A Burp Extension that makes it easier to view all script code on a Response.β17Nov 12, 2023Updated 2 years ago
- A Powerful Sensor Tool to discover login panels, and POST Form SQLi Scanningβ520Jul 5, 2023Updated 2 years ago
- Smart context-based SSRF vulnerability scanner.β360May 5, 2022Updated 3 years ago
- Managed hosting for WordPress and PHP on Cloudways β’ AdManaged hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
- i will upload more templates here to share with the comunity.β569Apr 17, 2024Updated last year
- β29Dec 13, 2023Updated 2 years ago
- A OWASP Based Checklist With 80+ Test Casesβ156Oct 26, 2022Updated 3 years ago
- jsleak is a tool to find secret , paths or links in the source code during the recon.β581Sep 25, 2025Updated 6 months ago
- Stay on the beat with SubHound - receive notifications for new subdomains on Telegram and Discord! πΆπ΅β17Jun 4, 2023Updated 2 years ago
- β₯β186Sep 7, 2025Updated 6 months ago
- Simple python script supported with BurpBouty profile that helps you to detect SQL injection "Error based" by sending multiple requests wβ¦β634Updated this week
- β251May 25, 2021Updated 4 years ago
- β20Apr 5, 2023Updated 2 years ago
- Wordpress hosting with auto-scaling on Cloudways β’ AdFully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
- This challenge is Inon Shkedy's 31 days API Security Tips.β2,233Apr 20, 2022Updated 3 years ago
- Crawlex is a powerful Chrome extension designed to assist bug bounty hunters in their work by enabling easy crawling of all possible URLsβ¦β12May 28, 2023Updated 2 years ago
- A cheat sheet that contains advanced queries for SQL Injection of all types.β3,161May 13, 2023Updated 2 years ago
- A path-normalization pentesting tool.β153Jan 22, 2026Updated 2 months ago
- β150Nov 27, 2021Updated 4 years ago
- This repository contain a lot of web and api vulnerability checklist , a lot of vulnerability ideas and tips from twitterβ3,275Feb 10, 2024Updated 2 years ago
- Run ffuf with the appropriate options to brute-force the directories using the awesome different wordlists.β25Apr 19, 2023Updated 2 years ago
- β11Jan 24, 2023Updated 3 years ago
- This is a Burp Suite extension that allows users to easily add web addresses to the Burp Suite scope.β97Jan 2, 2025Updated last year
- Open source password manager - Proton Pass β’ AdSecurely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
- A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the communitβ¦β3,658Nov 23, 2025Updated 4 months ago
- Extract URLs, paths, secrets, and other interesting bits from JavaScriptβ1,785May 22, 2024Updated last year
- β18Apr 3, 2023Updated 2 years ago
- Real-world infosec wordlists, updated regularlyβ1,725Updated this week
- β1,116Jul 26, 2023Updated 2 years ago
- Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokensβ¦β5,254Mar 13, 2026Updated 2 weeks ago
- Azure and AWS Attacksβ1,114Nov 25, 2022Updated 3 years ago