API Security Project aims to present unique attack & defense methods in API Security field
☆286Mar 6, 2022Updated 3 years ago
Alternatives and similar repositories for API-SecurityEmpire
Users that are interested in API-SecurityEmpire are comparing it to the libraries listed below
Sorting:
- API Security Project aims to present unique attack & defense methods in API Security field☆1,432Mar 5, 2024Updated last year
- A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the communit…☆3,645Nov 23, 2025Updated 3 months ago
- A python tool used to discover endpoints, potential parameters, a target specific wordlist for a given target and secrets☆1,524Jan 15, 2026Updated last month
- This challenge is Inon Shkedy's 31 days API Security Tips.☆2,231Apr 20, 2022Updated 3 years ago
- Mind-Maps of Several Things☆2,626Jun 29, 2023Updated 2 years ago
- Azure Security Resources and Notes☆1,711Feb 17, 2026Updated 2 weeks ago
- SCodeScanner stands for Source Code scanner where the user can scans the source code for finding the Critical Vulnerabilities.☆162Jul 17, 2023Updated 2 years ago
- A cheat sheet that contains advanced queries for SQL Injection of all types.☆3,149May 13, 2023Updated 2 years ago
- Automating situational awareness for cloud penetration tests.☆2,295Feb 21, 2026Updated last week
- My cheatsheet notes to pentest AWS infrastructure☆703Oct 17, 2022Updated 3 years ago
- InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable…☆1,737Feb 16, 2026Updated 2 weeks ago
- Vulnerable REST API with OWASP top 10 vulnerabilities for security testing☆1,173Nov 25, 2024Updated last year
- swagroutes is a command-line tool that extracts and lists API routes from Swagger files in YAML or JSON format.☆61Apr 23, 2023Updated 2 years ago
- completely ridiculous API (crAPI)☆1,435Updated this week
- This cheatsheet is built for the Bug Bounty Hunters and penetration testers in order to help them hunt the vulnerabilities from P4 to P1 …☆2,462Nov 16, 2024Updated last year
- Awesome information for WebSockets security research☆300Jan 10, 2022Updated 4 years ago
- JSON Web Token Hack Toolkit☆972Feb 23, 2026Updated last week
- reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and findin��…☆7,259Updated this week
- Go scripts for checking API key / access token validity☆221Aug 3, 2021Updated 4 years ago
- vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios through Exercises.☆1,328Jan 10, 2025Updated last year
- Tools & Interesting Things for RedTeam Ops☆2,256Feb 10, 2026Updated 2 weeks ago
- Zed Attack Proxy Scripts for finding CVEs and Secrets.☆128Jun 2, 2022Updated 3 years ago
- Contextual Content Discovery Tool☆3,096Apr 29, 2024Updated last year
- Small wiki for Mobile Application Penetration Testing Tools☆12Apr 8, 2021Updated 4 years ago
- This tool is designed to seamlessly convert Postman collections into OpenAPI schemas. This conversion is essential for API security testi…☆12Sep 3, 2024Updated last year
- Awesome list of step by step techniques to achieve Remote Code Execution on various apps!☆1,941Oct 7, 2023Updated 2 years ago
- Smart context-based SSRF vulnerability scanner.☆360May 5, 2022Updated 3 years ago
- CRLFMap is a tool to find HTTP Splitting vulnerabilities☆32Oct 11, 2020Updated 5 years ago
- A repository that includes all the important wordlists used while bug hunting.☆1,378Mar 11, 2023Updated 2 years ago
- Quickly discover exposed hosts on the internet using multiple search engines.☆2,827Feb 19, 2026Updated last week
- A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.☆1,977Sep 5, 2021Updated 4 years ago
- This is vulnerable microservice written in many language to demonstrating OWASP API Top Security Risk (under development)☆46Feb 2, 2023Updated 3 years ago
- Fast CLI tool to find the parameters that can be used to find SSRF or Out-of-band resource load☆297Sep 22, 2024Updated last year
- GraphQL automated security testing toolkit☆333Feb 20, 2024Updated 2 years ago
- Damn Vulnerable GraphQL Application is an intentionally vulnerable GraphQL service implementation designed for learning about and practis…☆1,676May 24, 2025Updated 9 months ago
- Playing around with Stratus Red Team (Cloud Attack simulation tool) and SumoLogic☆308Jan 6, 2023Updated 3 years ago
- All about bug bounty (bypasses, payloads, and etc)☆6,655Sep 8, 2023Updated 2 years ago
- Burp Extension for AWS Signing☆90Jan 10, 2025Updated last year
- Azure and AWS Attacks☆1,114Nov 25, 2022Updated 3 years ago