microsoft / rest-api-fuzz-testing
REST API Fuzz Testing (RAFT): Source code for self-hosted service developed for Azure, including the API, orchestration engine, and default set of security tools (including MSR's RESTler), that enables developers to embed security tooling into their CI/CD workflows
☆263Updated 3 years ago
Alternatives and similar repositories for rest-api-fuzz-testing:
Users that are interested in rest-api-fuzz-testing are comparing it to the libraries listed below
- A pytest-inspired, DAST framework, capable of identifying vulnerabilities in a distributed, micro-service ecosystem through chaos enginee…☆218Updated 9 months ago
- The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebas…☆141Updated 11 months ago
- Collection of tools for analyzing open source packages.☆329Updated last month
- A cross-platform browser fuzzing framework☆306Updated last week
- ClusterFuzzLite - Simple continuous fuzzing that runs in CI.☆469Updated 2 months ago
- Fuzz test your application using your OpenAPI or Swagger API definition without coding☆439Updated last month
- Java Observability Toolkit☆61Updated 8 months ago
- Prepackaged and precompiled github codeql container for rapid analysis, deployment and development.☆114Updated last year
- Software Component Verification Standard (SCVS)☆140Updated 10 months ago
- threatspec - continuous threat modeling, through code☆345Updated 4 years ago
- Microsoft Threat Modeling Template files☆183Updated 2 years ago
- OpenAPI 2.0 (Swagger) fuzzer written in python. Basically TnT for your API.☆111Updated 2 years ago
- SARIF Microsoft Visual Studio Code extension☆113Updated 4 months ago
- OWASP Cloud Security - Enabling conversations through threat and control stories☆179Updated 6 years ago
- OpenSSF Security Tooling Working Group☆306Updated 9 months ago
- The DevSecOps toolset for REST APIs☆273Updated 2 years ago
- CLI to integrate continuous fuzzing with Fuzzit (no longer available)☆222Updated 4 years ago
- A curated list of different AFL forks and AFL inspired fuzzers with detailed equivalent academic papers and AFL-fuzzing tutorials☆541Updated last year
- ☆251Updated 4 years ago
- ☆180Updated 3 months ago
- User-friendly documentation for the SARIF file format.☆291Updated last year
- Security Crawl Maze is a comprehensive testbed for web security crawlers. It contains pages representing many ways in which one can link …☆157Updated last year
- A starter secure code review checklist☆180Updated 6 years ago
- DEPRECATED, please use the new repository from OWASP: https://github.com/OWASP/raider☆138Updated 3 years ago
- Methodology for high-quality web application security testing - https://github.com/tprynn/web-methodology/wiki☆202Updated 3 months ago
- Fully open-source SAST scanner supporting a range of languages and frameworks. Integrates with major CI pipelines and IDE such as Azure D…☆147Updated 4 years ago
- Fuzz Introspector -- introspect, extend and optimise fuzzers☆397Updated this week
- A React-based component for viewing SARIF files.☆91Updated 3 months ago
- RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security…☆2,673Updated last week
- Finding potential software vulnerabilities from git commit messages☆408Updated last year