akto-api-security / tests-library
Community-generated list of API security tests to find OWASP Top 10 and HackerOne Top 10 vulnerabilities
☆32 Updated this week
Related projects:
- Performing automated scans using Burp Suite Pro & VMware Burp Rest API ☆47 Updated last year
- yataf extracts secrets and paths from files or URLs - it's best used against JavaScript files ☆52 Updated last week
- List all public repositories for (valid) GitHub usernames ☆67 Updated 11 months ago
- 🔭 Collection of regexp patterns for security passive scanning ☆110 Updated last year
- Mapping from bug bounty and vulnerability disclosure programs to respective GitHub organizations ☆49 Updated last week
- Script to test open Akamai ARL vulnerability. ☆70 Updated 3 years ago
- BChecks collection for Burp Suite Professional ☆82 Updated 3 months ago
- A list of threat sinks used in the manual security source code review for application security ☆69 Updated last year
- Create your own recon & vulnerability scanner with Trickest and GitHub ☆49 Updated 11 months ago
- Execute Trickest workflows right from your terminal ☆76 Updated last month
- ☆99 Updated this week
- A demo PHP application used to exercise SQL injection techniques in a safe, local Docker environment ☆38 Updated 3 months ago
- ☆72 Updated 4 months ago
- Mine URLs from Browser's Heap Snapshot for fun and profit ☆63 Updated last year
- HTTP parameter discovery suite. ☆59 Updated 4 years ago
- A Burp Suite Extension for parsing Project Files from the CLI. ☆82 Updated last year
- A Burp Suite Extension for pentesters and bug bounty hunters to maintain checklists, map flows, write test cases and track vulnerabiliti… ☆110 Updated last year
- This extension adds a search bar to the Repeater tab that can be used to highlight all repeater tabs where the request and/or response ma… ☆78 Updated 11 months ago
- This tool tries to find interesting stuff inside static files; mainly JavaScript and JSON files. ☆54 Updated last year
- Detects request smuggling via HTTP/2 downgrades. ☆92 Updated 2 years ago
- Improve automated and semi-automated active scanning in Burp Pro ☆60 Updated 2 years ago
- This repository stores some of my custom BCheck Scan configurations. Its goal is to identify intriguing elements that warrant further man… ☆86 Updated 7 months ago
- ☆84 Updated 2 years ago
- Self-hosted bug bounty programs that are "scammy" or unethical ☆23 Updated this week
- Monitoring the Cloud Landscape ☆70 Updated last week
- For unpacking base64-encoded "Save items" content from Burp (from search + proxy history) ☆49 Updated 10 months ago
- NotSoCereal: A Deserialization exploit playground ☆48 Updated 2 years ago
- Fetch JavaScript sourcemaps, bounty hunter style ☆37 Updated last year
- CSPT is an open-source Burp Suite extension to find and exploit Client-Side Path Traversal. ☆80 Updated 2 months ago
- Modified Nuclei Templates Version to FUZZ Host Header ☆48 Updated 2 years ago