imperva / automatic-api-attack-toolLinks
Imperva's customizable API attack tool takes an API specification as an input, generates and runs attacks that are based on it as an output.
☆484Updated 2 years ago
Alternatives and similar repositories for automatic-api-attack-tool
Users that are interested in automatic-api-attack-tool are comparing it to the libraries listed below
Sorting:
- DOM XSS scanner for Single Page Applications☆416Updated 2 months ago
- Repo for all the SKF Docker lab examples☆454Updated last year
- BurpSuite Extension: A one-stop pen testing checklist and logger tool☆266Updated 2 years ago
- Security Testing Scripts for JWT☆316Updated 3 years ago
- This repository contains all the XSS cheatsheet data to allow contributions from the community.☆439Updated this week
- HTTP file upload scanner for Burp Proxy☆411Updated 2 years ago
- NoSql Injection CLI tool, for finding vulnerable websites using MongoDB.☆388Updated 3 years ago
- Finds unknown classes of injection vulnerabilities☆701Updated 3 months ago
- API Fuzzer which allows to fuzz request attributes using common pentesting techniques and lists vulnerabilities☆399Updated 8 years ago
- Web Application Security Automation Framework which recons the target for various assets to maximize the attack surface for security prof…☆416Updated 4 years ago
- REST/JSON API to the Burp Suite security tool.☆563Updated last month
- This Lab contain the sample codes which are vulnerable to Server-Side Request Forgery attack☆734Updated 2 years ago
- Damn Vulnerable Web Services is a vulnerable application with a web service and an API that can be used to learn about webservices/API re…☆488Updated 10 months ago
- Fuzzapi is a tool used for REST API pentesting and uses API_Fuzzer gem☆663Updated 4 years ago
- Python tool to find potential Server Side Reqest Forgery (SSRF) vulnerability parameters.☆329Updated 3 weeks ago
- Second-order subdomain takeover scanner☆407Updated 2 months ago
- Tool to check for dependency confusion vulnerabilities in multiple package management systems☆744Updated last year
- Extension for Burp Suite which uses AWS API Gateway to rotate your IP on every request.☆870Updated 5 months ago
- This repository contains various media files for known attacks on web applications processing media files. Useful for penetration tests a…☆338Updated 4 years ago
- List DTDs and generate XXE payloads using those local DTDs.☆636Updated last year
- An automated target reconnaissance pipeline.☆437Updated 2 years ago
- This Burpsuite plugin allows for multiple web app testers to share their proxy history with each other in real time. Requests that comes …☆261Updated 2 years ago
- This repository contains all the supplement material for the book "The art of sub-domain enumeration"☆655Updated 6 years ago
- Subdomain Takeover Scanner | Subdomain Takeover Tool | by 0x94☆363Updated 2 years ago
- A simple SSRF-testing sheriff written in Go☆327Updated 9 months ago
- Lesser Known Web Attack Lab☆331Updated 5 years ago
- Web App bug hunting☆570Updated 5 months ago
- Default signature for Jaeles Scanner☆324Updated 3 years ago
- vulnerable OAuth 2.0 applications: understand the security implications of your OAuth 2.0 decisions.☆320Updated last year
- Organize your API security assessment by using MindAPI. It's free and open for community collaboration.☆848Updated 2 weeks ago