imperva / automatic-api-attack-toolLinks
Imperva's customizable API attack tool takes an API specification as an input, generates and runs attacks that are based on it as an output.
☆489Updated 2 years ago
Alternatives and similar repositories for automatic-api-attack-tool
Users that are interested in automatic-api-attack-tool are comparing it to the libraries listed below
Sorting:
- API Fuzzer which allows to fuzz request attributes using common pentesting techniques and lists vulnerabilities☆406Updated 8 years ago
- DOM XSS scanner for Single Page Applications☆417Updated 2 months ago
- Security Testing Scripts for JWT☆326Updated 3 years ago
- Web Application Security Automation Framework which recons the target for various assets to maximize the attack surface for security prof…☆415Updated 5 years ago
- Repo for all the SKF Docker lab examples☆462Updated last year
- BurpSuite Extension: A one-stop pen testing checklist and logger tool☆270Updated 2 years ago
- This repository contains all the XSS cheatsheet data to allow contributions from the community.☆450Updated last month
- An automated target reconnaissance pipeline.☆445Updated 2 years ago
- Fuzzapi is a tool used for REST API pentesting and uses API_Fuzzer gem☆667Updated 4 years ago
- HTTP file upload scanner for Burp Proxy☆416Updated 2 years ago
- This repository contains all the supplement material for the book "The art of sub-domain enumeration"☆660Updated 6 years ago
- vulnerable OAuth 2.0 applications: understand the security implications of your OAuth 2.0 decisions.☆324Updated last year
- This Burpsuite plugin allows for multiple web app testers to share their proxy history with each other in real time. Requests that comes …☆261Updated 3 years ago
- REST/JSON API to the Burp Suite security tool.☆562Updated 6 months ago
- This Lab contain the sample codes which are vulnerable to Server-Side Request Forgery attack☆746Updated 2 years ago
- Second-order subdomain takeover scanner☆405Updated 4 months ago
- A simple SSRF-testing sheriff written in Go☆336Updated last year
- bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.☆563Updated 2 years ago
- Finds unknown classes of injection vulnerabilities☆704Updated 8 months ago
- Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"☆358Updated 5 years ago
- An automated approach to performing recon for bug bounty hunting and penetration testing.☆451Updated 5 years ago
- Lesser Known Web Attack Lab☆330Updated 5 years ago
- Subdomain Takeover Scanner | Subdomain Takeover Tool | by 0x94☆366Updated 2 years ago
- Web App bug hunting☆577Updated last month
- NoSql Injection CLI tool, for finding vulnerable websites using MongoDB.☆403Updated 4 years ago
- Bugbounty scope tool☆332Updated 10 months ago
- Security tool to find potential vulnerable Server Side Request Forgery (SSRF) parameters.☆345Updated last week
- Extension for Burp Suite which uses AWS API Gateway to rotate your IP on every request.☆880Updated 10 months ago
- qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.☆302Updated 2 years ago
- A Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques☆737Updated 6 years ago