Stop half-done APIs! Cherrybomb is a CLI tool that helps you avoid undefined user behaviour by auditing your API specifications, validating them and running API security tests.
☆1,227Oct 25, 2024Updated last year
Alternatives and similar repositories for cherrybomb
Users that are interested in cherrybomb are comparing it to the libraries listed below
Sorting:
- Orchestrate end-to-end encryption, cryptographic identities, mutual authentication, and authorization policies between distributed applic…☆4,600Jan 4, 2026Updated last month
- A fast, simple, recursive content discovery tool written in Rust.☆7,544Feb 8, 2026Updated 3 weeks ago
- A secure command-line tool for managing environment variables☆920Dec 12, 2025Updated 2 months ago
- Inspektor is a protocol-aware proxy that is used to enforce access policies👮☆283Jul 15, 2022Updated 3 years ago
- Hunt every Endpoint in your code, expose Shadow APIs, map the Attack Surface.☆1,108Updated this week
- Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.☆14,285Updated this week
- Nosey Parker is a command-line tool that finds secrets and sensitive information in textual data and Git history.☆2,308Feb 21, 2026Updated last week
- An API security tool to capture and analyze API traffic, test API endpoints, reconstruct Open API specification, and identify API securit…☆561Oct 8, 2024Updated last year
- A very vulnerable implementation of a GraphQL API.☆61Nov 12, 2021Updated 4 years ago
- Vulnerable REST API with OWASP top 10 vulnerabilities for security testing☆1,173Nov 25, 2024Updated last year
- Proactive, Open source API security → API discovery, API Security Posture, Testing in CI/CD, Test Library with 1000+ Tests, Add custom te…☆1,449Updated this week
- A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the communit…☆3,645Nov 23, 2025Updated 3 months ago
- Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.☆2,577Updated this week
- Contextual Content Discovery Tool☆3,096Apr 29, 2024Updated last year
- Imperva's customizable API attack tool takes an API specification as an input, generates and runs attacks that are based on it as an outp…☆492May 13, 2023Updated 2 years ago
- Find secrets with Gitleaks 🔑☆25,103Feb 21, 2026Updated last week
- HashiCorp-relevant rules for the Semgrep code analysis tool☆41Oct 3, 2023Updated 2 years ago
- Metlo is an open-source API security platform.☆1,774Jul 25, 2025Updated 7 months ago
- A highly customizable Changelog Generator that follows Conventional Commit specifications ⛰️☆11,431Updated this week
- Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastruct…☆2,574Feb 23, 2026Updated last week
- Cloudlist is a tool for listing Assets from multiple Cloud Providers.☆1,006Updated this week
- WIP OpenAPI tooling for Rust.☆953Jun 18, 2025Updated 8 months ago
- A vulnerability scanner for container images and filesystems☆11,652Updated this week
- A list of open source web security scanners☆1,288Apr 29, 2025Updated 10 months ago
- 🤖 The Modern Port Scanner 🤖☆19,306Feb 20, 2026Updated last week
- graphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology…☆814Jun 9, 2025Updated 8 months ago
- A next-generation test runner for Rust.☆2,833Updated this week
- Obtain GraphQL API schema even if the introspection is disabled☆1,396Dec 5, 2025Updated 2 months ago
- A jq clone focussed on correctness, speed, and simplicity☆3,394Feb 23, 2026Updated last week
- Find, verify, and analyze leaked credentials☆24,779Updated this week
- A JSON Query Language CLI tool☆1,655Feb 3, 2026Updated last month
- Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more☆32,280Updated this week
- Spin is the open source developer tool for building and running serverless applications powered by WebAssembly.☆6,313Updated this week
- A container runtime written in Rust☆7,240Feb 24, 2026Updated last week
- API Security Project aims to present unique attack & defense methods in API Security field☆1,432Mar 5, 2024Updated last year
- A more powerful alternative to sysctl(8) with a terminal user interface 🐧☆1,434Jan 1, 2026Updated 2 months ago
- Applied offensive security with Rust - https://kerkour.com/black-hat-rust☆4,274Oct 1, 2025Updated 5 months ago
- A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.☆723Updated this week
- A command line progress reporting library for Rust☆5,065Feb 23, 2026Updated last week