Stop half-done APIs! Cherrybomb is a CLI tool that helps you avoid undefined user behaviour by auditing your API specifications, validating them and running API security tests.
☆1,232Oct 25, 2024Updated last year
Alternatives and similar repositories for cherrybomb
Users that are interested in cherrybomb are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- HashiCorp-relevant rules for the Semgrep code analysis tool☆42Oct 3, 2023Updated 2 years ago
- Inspektor is a protocol-aware proxy that is used to enforce access policies👮☆285Jul 15, 2022Updated 3 years ago
- Vulnerable REST API with OWASP top 10 vulnerabilities for security testing☆1,251Apr 7, 2026Updated 2 months ago
- An API security tool to capture and analyze API traffic, test API endpoints, reconstruct Open API specification, and identify API securit…☆576Oct 8, 2024Updated last year
- Metlo is an open-source API security platform.☆1,779Jul 25, 2025Updated 11 months ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Orchestrate end-to-end encryption, cryptographic identities, mutual authentication, and authorization policies between distributed applic…☆4,629Jan 4, 2026Updated 6 months ago
- Imperva's customizable API attack tool takes an API specification as an input, generates and runs attacks that are based on it as an outp…☆496May 13, 2023Updated 3 years ago
- A fast, simple, recursive content discovery tool written in Rust.☆7,890Apr 15, 2026Updated 2 months ago
- Proactive, Open source API security → API discovery, API Security Posture, Testing in CI/CD, Test Library with 1000+ Tests, Add custom te…☆1,487Updated this week
- Contextual Content Discovery Tool☆3,214Apr 29, 2024Updated 2 years ago
- A list of open source web security scanners☆1,534Apr 29, 2025Updated last year
- A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the communit…☆3,844May 1, 2026Updated 2 months ago
- Hunt every Endpoint in your code, expose Shadow APIs, map the Attack Surface.☆1,340Jun 25, 2026Updated last week
- Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.☆15,756Updated this week
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- A secure command-line tool for managing environment variables☆968Jun 23, 2026Updated last week
- Nosey Parker is a command-line tool that finds secrets and sensitive information in textual data and Git history.☆2,340Feb 21, 2026Updated 4 months ago
- A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.☆855May 13, 2026Updated last month
- A very vulnerable implementation of a GraphQL API.☆62Nov 12, 2021Updated 4 years ago
- Obtain GraphQL API schema even if the introspection is disabled☆1,487Dec 5, 2025Updated 6 months ago
- Nuclei plugins to audit Chrome extensions☆66Jul 16, 2024Updated last year
- Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.☆2,690Jun 26, 2026Updated last week
- Cloudlist is a tool for listing Assets from multiple Cloud Providers.☆1,034Jun 24, 2026Updated last week
- Find secrets with Gitleaks 🔑☆27,936Jun 24, 2026Updated last week
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- 🔑 Authz0 is an automated authorization test tool. Unauthorized access can be identified based on URLs and Roles & Credentials.☆430Jun 23, 2026Updated last week
- Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastruct…☆2,657Jun 22, 2026Updated last week
- Rust newtype with guarantees 🇺🇦 🦀☆1,744Jun 18, 2026Updated 2 weeks ago
- API Security Project aims to present unique attack & defense methods in API Security field☆1,438Mar 5, 2024Updated 2 years ago
- A highly customizable Changelog Generator that follows Conventional Commit specifications ⛰️☆11,989Updated this week
- 🤖 The Modern Port Scanner 🤖☆20,024Updated this week
- A vulnerability scanner for container images and filesystems☆12,487Jun 26, 2026Updated last week
- Fuzz test your application using your OpenAPI or Swagger API definition without coding☆466Apr 13, 2026Updated 2 months ago
- Find, verify, and analyze leaked credentials☆26,947Updated this week
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- WIP OpenAPI tooling for Rust.☆964Apr 20, 2026Updated 2 months ago
- Detect and remediate misconfigurations and security risks across all your GitHub and GitLab assets☆875Mar 28, 2025Updated last year
- graphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology…☆862May 16, 2026Updated last month
- A container runtime written in Rust☆7,467Jun 27, 2026Updated last week
- Simple, Fast, Code first and Compile time generated OpenAPI documentation for Rust☆3,907Updated this week
- Spin is the open source developer tool for building and running serverless applications powered by WebAssembly.☆6,454Updated this week
- ☆22Nov 1, 2022Updated 3 years ago