microsoft / rest-api-fuzz-testing
REST API Fuzz Testing (RAFT): Source code for self-hosted service developed for Azure, including the API, orchestration engine, and default set of security tools (including MSR's RESTler), that enables developers to embed security tooling into their CI/CD workflows
☆263 Updated 3 years ago
Alternatives and similar repositories for rest-api-fuzz-testing:
Users that are interested in rest-api-fuzz-testing are comparing it to the libraries listed below
- Collection of tools for analyzing open source packages. ☆332 Updated last week
- A pytest-inspired, DAST framework, capable of identifying vulnerabilities in a distributed, micro-service ecosystem through chaos enginee… ☆220 Updated 10 months ago
- The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebas… ☆142 Updated last year
- SARIF Microsoft Visual Studio Code extension ☆113 Updated last week
- Java Observability Toolkit ☆61 Updated 10 months ago
- threatspec - continuous threat modeling, through code ☆353 Updated 4 years ago
- Fuzz test your application using your OpenAPI or Swagger API definition without coding ☆442 Updated 3 weeks ago
- Microsoft Threat Modeling Template files ☆184 Updated 2 years ago
- User-friendly documentation for the SARIF file format. ☆293 Updated last year
- OASIS SARIF TC: Repository for development of the draft standard, where requests for modification should be made via Github Issues ☆178 Updated 3 weeks ago
- OpenAPI 2.0 (Swagger) fuzzer written in python. Basically TnT for your API. ☆111 Updated 2 years ago
- OpenSSF Security Tooling Working Group ☆309 Updated 10 months ago
- Prepackaged and precompiled github codeql container for rapid analysis, deployment and development. ☆115 Updated last year
- ClusterFuzzLite - Simple continuous fuzzing that runs in CI. ☆477 Updated 3 months ago
- k8s audit repo ☆227 Updated 5 years ago
- Software Component Verification Standard (SCVS) ☆142 Updated 11 months ago
- Open Source Software Secure Supply Chain Framework ☆236 Updated 2 years ago
- A React-based component for viewing SARIF files. ☆91 Updated 4 months ago
- .NET code and supporting files for working with the 'Static Analysis Results Interchange Format' (SARIF, see https://github.com/oasis-tcs… ☆200 Updated 3 weeks ago
- Security scanning & static analysis tool ☆94 Updated 5 months ago
- The S2C2F Project is a group working within the OpenSSF's Supply Chain Integrity Working Group formed to further develop and continuously… ☆204 Updated 2 months ago
- A Continuous Threat Modeling methodology ☆314 Updated 2 years ago
- DevSkim is a set of IDE plugins, language analyzers, and rules that provide security "linting" capabilities. ☆929 Updated 3 weeks ago
- OWASP Cloud Security - Enabling conversations through threat and control stories ☆179 Updated 6 years ago
- RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security… ☆2,698 Updated 2 weeks ago
- A Node.js vulnerability finding tool. ☆96 Updated 4 years ago
- SAMM stands for Software Assurance Maturity Model. ☆398 Updated 2 years ago
- ☆240 Updated 8 months ago
- App that simplifies building decision trees to model adverse scenarios ☆205 Updated 8 months ago
- OWASP Foundation Threat Dragon Project Web Repository ☆78 Updated last week