inonshk/31-days-of-API-Security-Tips external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

inonshk/31-days-of-API-Security-Tips

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/inonshk/31-days-of-API-Security-Tips)

Close

inonshk / 31-days-of-API-Security-TipsView on GitHubMore

• External links
• Readme badge

This challenge is Inon Shkedy's 31 days API Security Tips.

☆2,231Apr 20, 2022Updated 3 years ago

Alternatives and similar repositories for 31-days-of-API-Security-Tips

Users that are interested in 31-days-of-API-Security-Tips are comparing it to the libraries listed below

• HolyBugx / HolyTips

  View on GitHub
  A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.
  ☆1,983Sep 5, 2021Updated 4 years ago
• KathanP19 / HowToHunt

  View on GitHub
  Collection of methodology and test case for various web vulnerabilities.
  ☆7,039Jun 25, 2025Updated 8 months ago
• dwisiswant0 / awesome-oneliner-bugbounty

  View on GitHub
  A collection of awesome one-liner scripts especially for bug bounty tips.
  ☆3,077Jul 29, 2024Updated last year
• arainho / awesome-api-security

  View on GitHub
  A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the communit…
  ☆3,650Nov 23, 2025Updated 3 months ago
• cujanovic / SSRF-Testing

  View on GitHub
  SSRF (Server Side Request Forgery) testing resources
  ☆2,482Oct 12, 2024Updated last year
• KingOfBugbounty / KingOfBugBountyTips

  View on GitHub
  Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens…
  ☆5,234Jan 31, 2026Updated last month
• devanshbatham / Awesome-Bugbounty-Writeups

  View on GitHub
  A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference
  ☆5,557Aug 6, 2023Updated 2 years ago
• streaak / keyhacks

  View on GitHub
  Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.
  ☆6,089Aug 14, 2024Updated last year
• daffainfo / AllAboutBugBounty

  View on GitHub
  All about bug bounty (bypasses, payloads, and etc)
  ☆6,658Sep 8, 2023Updated 2 years ago
• m4ll0k / BBTz

  View on GitHub
  BBT - Bug Bounty Tools (examples💡)
  ☆1,880Apr 5, 2024Updated last year
• swisskyrepo / SSRFmap

  View on GitHub
  Automatic SSRF fuzzer and exploitation tool
  ☆3,493Sep 4, 2025Updated 6 months ago
• gwen001 / pentest-tools

  View on GitHub
  A collection of custom security tools for quick needs.
  ☆3,284May 1, 2023Updated 2 years ago
• EdOverflow / bugbounty-cheatsheet

  View on GitHub
  A list of interesting payloads, tips and tricks for bug bounty hunters.
  ☆6,385Sep 14, 2023Updated 2 years ago
• wagiro / BurpBounty

  View on GitHub
  Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the ac…
  ☆1,779Apr 26, 2024Updated last year
• 0xInfection / Awesome-WAF

  View on GitHub
  Everything about Web Application Firewalls (WAFs) from Security Standpoint! 🔥
  ☆7,381Aug 28, 2025Updated 6 months ago
• arkadiyt / bounty-targets-data

  View on GitHub
  This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for …
  ☆3,659Updated this week
• harsh-bothra / learn365

  View on GitHub
  This repository is about @harshbothra_'s 365 days of Learning Tweets & Mindmaps collection.
  ☆1,692Jun 20, 2022Updated 3 years ago
• s0md3v / Arjun

  View on GitHub
  HTTP parameter discovery suite.
  ☆6,109Feb 20, 2025Updated last year
• snoopysecurity / awesome-burp-extensions

  View on GitHub
  A curated list of amazingly awesome Burp Extensions
  ☆3,373Feb 17, 2026Updated 2 weeks ago
• ayoubfathi / leaky-paths

  View on GitHub
  A collection of special paths linked to common sensitive APIs, devops internals, frameworks conf, known misconfigurations, juicy APIs ..e…
  ☆1,024Feb 22, 2026Updated 2 weeks ago
• GerbenJavado / LinkFinder

  View on GitHub
  A python script that finds endpoints in JavaScript files
  ☆4,297Apr 13, 2024Updated last year
• reddelexc / hackerone-reports

  View on GitHub
  Top disclosed reports from HackerOne
  ☆5,358Feb 28, 2026Updated last week
• jdonsec / AllThingsSSRF

  View on GitHub
  This is a collection of writeups, cheatsheets, videos, books related to SSRF in one single location
  ☆1,361Jan 24, 2021Updated 5 years ago
• devanshbatham / ParamSpider

  View on GitHub
  Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing
  ☆3,012Jun 24, 2024Updated last year
• jaeles-project / jaeles

  View on GitHub
  The Swiss Army knife for automated Web Application Testing
  ☆2,323May 8, 2024Updated last year
• defparam / smuggler

  View on GitHub
  Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3
  ☆2,062Jan 2, 2024Updated 2 years ago
• Karanxa / Bug-Bounty-Wordlists

  View on GitHub
  A repository that includes all the important wordlists used while bug hunting.
  ☆1,379Mar 11, 2023Updated 2 years ago
• ngalongc / bug-bounty-reference

  View on GitHub
  Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature
  ☆4,073Jul 31, 2024Updated last year
• lc / subjs

  View on GitHub
  Fetches javascript file from a list of URLS or subdomains.
  ☆837Jul 22, 2025Updated 7 months ago
• Sh1Yo / x8

  View on GitHub
  Hidden parameters discovery suite
  ☆2,028Sep 8, 2024Updated last year
• 1ndianl33t / Gf-Patterns

  View on GitHub
  GF Paterns For (ssrf,RCE,Lfi,sqli,ssti,idor,url redirection,debug_logic, interesting Subs) parameters grep
  ☆1,401Sep 13, 2024Updated last year
• six2dez / OneListForAll

  View on GitHub
  Rockyou for web fuzzing
  ☆3,033Feb 11, 2026Updated 3 weeks ago
• ticarpi / jwt_tool

  View on GitHub
  A toolkit for testing, tweaking and cracking JSON Web Tokens
  ☆6,402May 1, 2025Updated 10 months ago
• tomnomnom / hacks

  View on GitHub
  A collection of hacks and one-off scripts
  ☆2,423Mar 13, 2025Updated 11 months ago
• KathanP19 / JSFScan.sh

  View on GitHub
  Automation for javascript recon in bug bounty.
  ☆1,069Sep 9, 2023Updated 2 years ago
• s0md3v / AwesomeXSS

  View on GitHub
  Awesome XSS stuff
  ☆5,066Oct 30, 2024Updated last year
• ssl / ezXSS

  View on GitHub
  ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
  ☆2,244Jan 8, 2026Updated 2 months ago
• lutfumertceylan / top25-parameter

  View on GitHub
  For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙
  ☆1,819Jun 9, 2024Updated last year
• fransr / postMessage-tracker

  View on GitHub
  A Chrome Extension to track postMessage usage (url, domain and stack) both by logging using CORS and also visually as an extension-icon
  ☆1,293Jan 26, 2024Updated 2 years ago