dharshin / API-Security-Checklist
A secuity checklist for anyone who's developing and deploying APIs
☆16Updated 4 years ago
Alternatives and similar repositories for API-Security-Checklist
Users that are interested in API-Security-Checklist are comparing it to the libraries listed below
Sorting:
- The Pixi module is a MEAN Stack web app with wildly insecure APIs!☆125Updated 2 years ago
- A GitHub Action for running the ZAP API scan☆58Updated this week
- A built-to-be-vulnerable API application based on the OWASP top 10 API vulnerabilities. Use c{api}tal to learn, train and exploit API Sec…☆290Updated last year
- Example of using Gauge and OWASP ZAP for test automation☆10Updated 5 years ago
- ☆17Updated 2 years ago
- The OWASP DevSecOps Guideline explains how we can implement a secure pipeline and use best practices and introduce tools that we can use …☆66Updated 11 months ago
- This demo extends the existing GCP Boutique Shop Microservices demo to show how to use Apigee for exposing internal gRPC services (inside…☆39Updated last month
- This lab demonstrates some of the security concerns of a default Kubernetes Engine cluster configuration and the corresponding hardening …☆17Updated 5 years ago
- A Broken Application - Very Vulnerable!☆159Updated last week
- A repo for Apigee X/hybrid samples☆68Updated 2 weeks ago
- 🚀 Join us for 30days of daily API security tests. #30days30tests We've spent last 120days building amazing API security tests for the c…☆212Updated last year
- OWASP Foundation Web Respository☆55Updated 2 years ago
- APIsec|SCAN - Free API security testing using Github actions☆100Updated last year
- Imperva's customizable API attack tool takes an API specification as an input, generates and runs attacks that are based on it as an outp…☆472Updated 2 years ago
- Damn Vulnerable NodeJS Application☆728Updated last year
- The source of ZAP website☆72Updated this week
- Damn Vulnerable Web Services is a vulnerable application with a web service and an API that can be used to learn about webservices/API re…☆471Updated 7 months ago
- ☆78Updated 2 years ago
- Static code analysis for Apigee proxy bundles to encourage API developers to use best practices and avoid anti-patterns.☆99Updated last week
- vulnerable OAuth 2.0 applications: understand the security implications of your OAuth 2.0 decisions.☆316Updated last year
- OWASP ServerlessGoat: a serverless application demonstrating common serverless security flaws☆326Updated 9 months ago
- Damn Vulnerable Java (EE) Application☆138Updated last year
- A demo repo showcasing Snyk's Docker offering☆31Updated 9 months ago
- A web CTF for training developers in bug hunting and secure coding!☆99Updated 4 months ago
- Fully open-source SAST scanner supporting a range of languages and frameworks. Integrates with major CI pipelines and IDE such as Azure D…☆148Updated 4 years ago
- Common solutions and tools developed for Apigee☆196Updated 2 weeks ago
- A very vulnerable web site written in NodeJS with the purpose of have a project with identified vulnerabilities to test the quality of se…☆466Updated 8 months ago
- ☆93Updated last year
- graphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology…☆633Updated last month
- Security Testing Scripts for JWT☆313Updated 2 years ago