π Join us for 30days of daily API security tests. #30days30tests We've spent last 120days building amazing API security tests for the community. Next 30 days we will post test tutorials here.
β221May 22, 2023Updated 3 years ago
Alternatives and similar repositories for 30-API-security-tests
Users that are interested in 30-API-security-tests are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- API-Pentesting-Checklistβ27Feb 27, 2023Updated 3 years ago
- Proactive, Open source API security β API discovery, API Security Posture, Testing in CI/CD, Test Library with 1000+ Tests, Add custom teβ¦β1,486Updated this week
- A simple Burp Suite extension to crawl JavaScript (JS) files in passive mode and display the results directly on the issuesβ376Jul 25, 2023Updated 2 years ago
- User-Agent , X-Forwarded-For and Referer SQLI Fuzzerβ385May 19, 2023Updated 3 years ago
- β15May 6, 2023Updated 3 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer β’ AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Community generated list of API security tests to find OWASP top10, HackerOne top 10 vulnerabilitiesβ40Updated this week
- Authorization-Nuclei-Templatesβ39Sep 16, 2024Updated last year
- Mind-Maps of Several Thingsβ2,708Jun 29, 2023Updated 2 years ago
- Burp Extension to find potential endpoints, parameters, and generate a custom target wordlistβ1,519Jan 8, 2026Updated 5 months ago
- A listing of the most common vuln that you can link in your PoCsβ28Oct 27, 2018Updated 7 years ago
- The motive to build this repo is to help beginner to start learn Android Pentesting by providing a roadmap.β437Jul 11, 2022Updated 3 years ago
- A Powerful Sensor Tool to discover login panels, and POST Form SQLi Scanningβ519Jul 5, 2023Updated 2 years ago
- A Burp Extension that makes it easier to view all script code on a Response.β18Nov 12, 2023Updated 2 years ago
- Smart context-based SSRF vulnerability scanner.β363May 5, 2022Updated 4 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer β’ AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- i will upload more templates here to share with the comunity.β572Apr 17, 2024Updated 2 years ago
- β29Dec 13, 2023Updated 2 years ago
- jsleak is a tool to find secret , paths or links in the source code during the recon.β589Sep 25, 2025Updated 8 months ago
- Stay on the beat with SubHound - receive notifications for new subdomains on Telegram and Discord! πΆπ΅β17Jun 4, 2023Updated 3 years ago
- A OWASP Based Checklist With 80+ Test Casesβ200Oct 26, 2022Updated 3 years ago
- Simple python script supported with BurpBouty profile that helps you to detect SQL injection "Error based" by sending multiple requests wβ¦β636May 17, 2026Updated last month
- β₯β216Sep 7, 2025Updated 9 months ago
- β251May 25, 2021Updated 5 years ago
- β19Apr 5, 2023Updated 3 years ago
- Managed Kubernetes at scale on DigitalOcean β’ AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- This challenge is Inon Shkedy's 31 days API Security Tips.β2,238Apr 20, 2022Updated 4 years ago
- Crawlex is a powerful Chrome extension designed to assist bug bounty hunters in their work by enabling easy crawling of all possible URLsβ¦β12May 28, 2023Updated 3 years ago
- A cheat sheet that contains advanced queries for SQL Injection of all types.β3,225May 13, 2023Updated 3 years ago
- A path-normalization pentesting tool.β154Apr 2, 2026Updated 2 months ago
- This repository contain a lot of web and api vulnerability checklist , a lot of vulnerability ideas and tips from twitterβ3,543Feb 10, 2024Updated 2 years ago
- Run ffuf with the appropriate options to brute-force the directories using the awesome different wordlists.β25Apr 19, 2023Updated 3 years ago
- β154Nov 27, 2021Updated 4 years ago
- β11Jan 24, 2023Updated 3 years ago
- A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the communitβ¦β3,841May 1, 2026Updated last month
- Managed Kubernetes at scale on DigitalOcean β’ AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- This is a Burp Suite extension that allows users to easily add web addresses to the Burp Suite scope.β97Jan 2, 2025Updated last year
- Extract URLs, paths, secrets, and other interesting bits from JavaScriptβ1,843May 22, 2024Updated 2 years ago
- β18Apr 3, 2023Updated 3 years ago
- β1,113Jul 26, 2023Updated 2 years ago
- Real-world infosec wordlists, updated regularlyβ1,763Updated this week
- Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokensβ¦β5,417Mar 13, 2026Updated 3 months ago
- β46Apr 18, 2023Updated 3 years ago