Black-box fuzzer that fuzzes APIs based on OpenAPI specification. Find bugs for free!
☆574Jan 29, 2024Updated 2 years ago
Alternatives and similar repositories for openapi-fuzzer
Users that are interested in openapi-fuzzer are comparing it to the libraries listed below
Sorting:
- RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security…☆2,868Feb 13, 2026Updated 2 weeks ago
- CATS is a REST API Fuzzer and negative testing tool for OpenAPI endpoints. CATS automatically generates, runs and reports tests with min…☆1,344Updated this week
- Fuzz test your application using your OpenAPI or Swagger API definition without coding☆466Mar 6, 2025Updated 11 months ago
- Simple fuzzer for OpenAPI 3 specification based APIs☆23Feb 16, 2023Updated 3 years ago
- OpenAPI 2.0 (Swagger) fuzzer written in python. Basically TnT for your API.☆110Dec 6, 2022Updated 3 years ago
- Automagically reverse-engineer REST APIs via capturing traffic☆9,247Feb 23, 2026Updated last week
- Proof Of Concept code for OctoberCMS Auth Bypass CVE-2021-32648☆12Jan 14, 2022Updated 4 years ago
- Find authentication (authn) and authorization (authz) security bugs in web application routes.☆282Sep 11, 2025Updated 5 months ago
- Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.☆14,285Updated this week
- Slice and dice logs on the command line☆3,711Feb 5, 2026Updated 3 weeks ago
- An OpenAPI client generator☆861Updated this week
- An API security tool to capture and analyze API traffic, test API endpoints, reconstruct Open API specification, and identify API securit…☆561Oct 8, 2024Updated last year
- A pytest-inspired, DAST framework, capable of identifying vulnerabilities in a distributed, micro-service ecosystem through chaos enginee…☆226May 9, 2024Updated last year
- A tree-sitter based AST difftool to get meaningful semantic diffs☆2,335Updated this week
- jq for binary formats - tool, language and decoders for working with binary and text formats☆10,425Updated this week
- Kusk Gen generates Ingress-controller configurations from your OpenAPI definition☆173Oct 17, 2022Updated 3 years ago
- Stop half-done APIs! Cherrybomb is a CLI tool that helps you avoid undefined user behaviour by auditing your API specifications, validati…☆1,227Oct 25, 2024Updated last year
- Browser extension that generates API specs for any app or website☆4,277Mar 19, 2025Updated 11 months ago
- REST API Fuzz Testing (RAFT): Source code for self-hosted service developed for Azure, including the API, orchestration engine, and defau…☆264Jan 13, 2022Updated 4 years ago
- A static analysis tool for securing Go code☆2,167Jan 23, 2024Updated 2 years ago
- Vulnerability scanner written in Go which uses the data provided by https://osv.dev☆8,480Feb 23, 2026Updated last week
- Tfsec is now part of Trivy☆6,956Nov 10, 2025Updated 3 months ago
- Secure and fast microVMs for serverless computing.☆32,675Updated this week
- Puredns is a fast domain resolver and subdomain bruteforcing tool that can accurately filter out wildcard subdomains and DNS poisoned ent…☆2,126Feb 23, 2026Updated last week
- A highly customizable Changelog Generator that follows Conventional Commit specifications ⛰️☆11,431Updated this week
- A vulnerability scanner for container images and filesystems☆11,652Updated this week
- ☆19Jan 24, 2023Updated 3 years ago
- full text search manpages☆29Nov 6, 2021Updated 4 years ago
- Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more☆32,280Updated this week
- A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.☆723Updated this week
- 🐇 Fuzzing Rust code with American Fuzzy Lop☆1,809Feb 23, 2026Updated last week
- 🤖 Just a command runner☆31,732Feb 16, 2026Updated 2 weeks ago
- InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable…☆1,737Feb 16, 2026Updated 2 weeks ago
- A simple, modern and secure encryption tool (and Go library) with small explicit keys, no config options, and UNIX-style composability.☆21,436Feb 2, 2026Updated last month
- Fast web fuzzer written in Go☆15,637Apr 24, 2025Updated 10 months ago
- A remake of the classic Boulder Dash game in Rust, using Amethyst.rs engine☆22May 11, 2020Updated 5 years ago
- A syntax-highlighting pager for git, diff, grep, and blame output☆29,231Updated this week
- a structural diff that understands syntax 🟥🟩☆24,241Updated this week
- Orchestrate end-to-end encryption, cryptographic identities, mutual authentication, and authorization policies between distributed applic…☆4,600Jan 4, 2026Updated last month