mattvaldes / vulnerable-apiLinks
This repository contains an example Python API that is vulnerable to several different web API attacks.
☆70Updated last year
Alternatives and similar repositories for vulnerable-api
Users that are interested in vulnerable-api are comparing it to the libraries listed below
Sorting:
- Enhanced fork with logging, OpenAPI 3.0 and Python 3 for security monitoring workshops☆43Updated last year
- Paramalyzer - Burp extension for parameter analysis of large-scale web application penetration tests.☆157Updated last month
- Finds the End-Points in JavaScript files☆95Updated 3 years ago
- GraphQL security testing tool☆124Updated 3 years ago
- ASN reconnaissance script☆130Updated last year
- MetaSec.js combines all the free open-source security tools to identify issues with JavaScript and automates the boring parts☆81Updated 2 years ago
- ☆71Updated 4 years ago
- This repository contains an example Python API that is vulnerable to several different web API attacks.☆27Updated 6 years ago
- Clientside vulnerability / reflected xss fuzzer☆148Updated 2 years ago
- A natural evolution of Burp Suite's Repeater tool☆93Updated last year
- All-in-one AWS S3 bucket tool for pentesters.☆74Updated 6 years ago
- A tool geared towards pentesting APIs using OpenAPI definitions.☆181Updated 2 years ago
- The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters☆104Updated last year
- AWS Security Checks☆40Updated 7 years ago
- Suite of programs meant to aid in bug hunting and security assessments☆77Updated 5 years ago
- Tarpit - A Web application seeded with vulnerabilities, rootkits, backdoors & data leaks☆80Updated 3 years ago
- A tool to bruteforce nameservers when working with subdomain delegations to AWS.☆58Updated 6 years ago
- Evenly distributes scanner load across targets☆92Updated 4 months ago
- Parse OpenAPI documents into Burp Suite for automating OpenAPI-based APIs security assessments (approved by PortSwigger for inclusion in …☆204Updated last year
- ☆31Updated 4 years ago
- Brute force AWS bucket finder☆61Updated 2 years ago
- Push notifications for passive DNS data☆109Updated 9 years ago
- ☆17Updated 4 years ago
- A permutation generation tool written in golang☆210Updated 6 years ago
- Awesome XSS Payloads☆84Updated 9 years ago
- ☆60Updated last year
- Damn Vulnerable Java (EE) Application☆141Updated last year
- Detectify Crowdsource Challenge☆69Updated 3 years ago
- GraphQL security workshop labs☆113Updated last month
- ☆81Updated 3 years ago