Black-box fuzzer that fuzzes APIs based on OpenAPI specification. Find bugs for free!
☆576Jan 29, 2024Updated 2 years ago
Alternatives and similar repositories for openapi-fuzzer
Users that are interested in openapi-fuzzer are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security…☆2,875Feb 13, 2026Updated last month
- CATS is a REST API Fuzzer and negative testing tool for OpenAPI endpoints. CATS automatically generates, runs and reports tests with min…☆1,350Mar 2, 2026Updated 3 weeks ago
- Fuzz test your application using your OpenAPI or Swagger API definition without coding☆466Mar 6, 2025Updated last year
- OpenAPI 2.0 (Swagger) fuzzer written in python. Basically TnT for your API.☆110Dec 6, 2022Updated 3 years ago
- Simple fuzzer for OpenAPI 3 specification based APIs☆23Feb 16, 2023Updated 3 years ago
- Automagically reverse-engineer REST APIs via capturing traffic☆9,266Mar 16, 2026Updated last week
- Port OpenAPI Specs to Postman Collections, inject test suite and run via Newman 👨🏽🚀☆679Feb 28, 2026Updated 3 weeks ago
- Find authentication (authn) and authorization (authz) security bugs in web application routes.☆281Sep 11, 2025Updated 6 months ago
- Information about how the python grammar has changed over time☆12Feb 13, 2024Updated 2 years ago
- Slice and dice logs on the command line☆3,719Feb 5, 2026Updated last month
- Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.☆14,504Updated this week
- A pytest-inspired, DAST framework, capable of identifying vulnerabilities in a distributed, micro-service ecosystem through chaos enginee…☆227May 9, 2024Updated last year
- An OpenAPI client generator☆876Mar 16, 2026Updated last week
- jq for binary formats - tool, language and decoders for working with binary and text formats☆10,443Updated this week
- Catch API bugs before your users do☆3,113Mar 16, 2026Updated last week
- Kusk Gen generates Ingress-controller configurations from your OpenAPI definition☆173Oct 17, 2022Updated 3 years ago
- Goldmark extension for D2 diagrams☆21Sep 6, 2025Updated 6 months ago
- Stop half-done APIs! Cherrybomb is a CLI tool that helps you avoid undefined user behaviour by auditing your API specifications, validati…☆1,226Oct 25, 2024Updated last year
- A flexible JSON/YAML linter for creating automated style guides, with baked in support for OpenAPI (v3.1, v3.0, and v2.0), Arazzo v1.0, a…☆3,043Updated this week
- An API security tool to capture and analyze API traffic, test API endpoints, reconstruct Open API specification, and identify API securit…☆565Oct 8, 2024Updated last year
- Find unicode codepoints to use in normalisation and transformation attacks.☆11Mar 15, 2021Updated 5 years ago
- The effort to explore the future of the OpenAPI Specification is known as "Moonwalk." It includes 4.x considerations but also strives to …☆343Apr 8, 2025Updated 11 months ago
- A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.☆795Updated this week
- Browser extension that generates API specs for any app or website☆4,286Mar 19, 2025Updated last year
- A tree-sitter based AST difftool to get meaningful semantic diffs☆2,341Updated this week
- A static analysis tool for securing Go code☆2,166Jan 23, 2024Updated 2 years ago
- Visualize the output of the unix lsof to see which files are open by which processes☆15Mar 2, 2025Updated last year
- A highly customizable Changelog Generator that follows Conventional Commit specifications ⛰️☆11,599Mar 14, 2026Updated last week
- Vulnerability scanner written in Go which uses the data provided by https://osv.dev☆8,565Updated this week
- The Doctor. Just the doctor, no more, no less. The OpenAPI all in one suite.☆37Updated this week
- Diagrams as code☆53Sep 24, 2025Updated 5 months ago
- Search algorithms written in Rust☆11Feb 15, 2018Updated 8 years ago
- REST API Fuzz Testing (RAFT): Source code for self-hosted service developed for Azure, including the API, orchestration engine, and defau…☆264Jan 13, 2022Updated 4 years ago
- 🤖 Just a command runner☆32,242Updated this week
- compiler from JSON Schema into idiomatic Rust types☆809Mar 16, 2026Updated last week
- a structural diff that understands syntax 🟥🟩☆24,670Mar 16, 2026Updated last week
- Puredns is a fast domain resolver and subdomain bruteforcing tool that can accurately filter out wildcard subdomains and DNS poisoned ent…☆2,140Feb 23, 2026Updated last month
- ☆19Jan 24, 2023Updated 3 years ago
- Secure and fast microVMs for serverless computing.☆33,042Updated this week