REST API Fuzz Testing (RAFT): Source code for self-hosted service developed for Azure, including the API, orchestration engine, and default set of security tools (including MSR's RESTler), that enables developers to embed security tooling into their CI/CD workflows
☆265Jan 13, 2022Updated 4 years ago
Alternatives and similar repositories for rest-api-fuzz-testing
Users that are interested in rest-api-fuzz-testing are comparing it to the libraries listed below
Sorting:
- RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security…☆2,868Feb 13, 2026Updated 2 weeks ago
- A self-hosted Fuzzing-As-A-Service platform☆2,831Nov 1, 2023Updated 2 years ago
- The DevSecOps toolset for REST APIs☆278Jan 13, 2023Updated 3 years ago
- PoCs discovered through fuzzing which resulted in a CVE assignment.☆18Feb 14, 2020Updated 6 years ago
- The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebas…☆159Mar 12, 2024Updated last year
- CodeQL model generation for Go.☆17Jun 11, 2021Updated 4 years ago
- Fuzz test your application using your OpenAPI or Swagger API definition without coding☆466Mar 6, 2025Updated 11 months ago
- Reverse Engineering tool for Ethereum EVM☆20Jun 30, 2016Updated 9 years ago
- Crashbench is a LLM benchmark to measure bug-finding and reporting capabilities of LLMs☆14Jan 20, 2026Updated last month
- ParmeSan: Sanitizer-guided Greybox Fuzzing☆177Apr 19, 2024Updated last year
- Extract parameters/paths from urls☆17Aug 2, 2020Updated 5 years ago
- Sensitive and Collaborative Fuzzing with AFL☆27Jul 29, 2019Updated 6 years ago
- Fuzz Introspector -- introspect, extend and optimise fuzzers☆447Feb 23, 2026Updated last week
- Burp Extension for copying requests safely. It redacts headers like Cookie, Authorization and X-CSRF-Token for now. More support can be a…☆18May 17, 2020Updated 5 years ago
- Portable utility to check if a machine has been infected by Shamoon2☆15Jan 13, 2017Updated 9 years ago
- a grammar based feedback fuzzer☆166Jul 1, 2023Updated 2 years ago
- PyJFuzz - Python JSON Fuzzer☆380Aug 2, 2023Updated 2 years ago
- Segment's Threat Modeling training for our engineers☆245May 4, 2021Updated 4 years ago
- An exploit for Apache Struts CVE-2018-11776☆302Aug 26, 2018Updated 7 years ago
- ☆16Jul 7, 2020Updated 5 years ago
- View screenshots as a slideshow over http☆15Mar 13, 2020Updated 5 years ago
- ☆12Jan 1, 2021Updated 5 years ago
- QL Workshop☆16Sep 30, 2019Updated 6 years ago
- A wrapper around jq, to help you parse jq output!☆30Aug 23, 2020Updated 5 years ago
- ☆227Dec 18, 2025Updated 2 months ago
- A tool that automatically creates fuzzing harnesses based on a library☆285Nov 13, 2021Updated 4 years ago
- Proof of Concept's provided by Source Incite☆37Aug 10, 2017Updated 8 years ago
- An automated setup for fuzzing Redis w/ AFL++☆35Mar 12, 2022Updated 3 years ago
- CVE-2019-12949☆26Jun 28, 2019Updated 6 years ago
- A pytest-inspired, DAST framework, capable of identifying vulnerabilities in a distributed, micro-service ecosystem through chaos enginee…☆226May 9, 2024Updated last year
- Source code of MEUZZ fuzzer☆46Dec 11, 2021Updated 4 years ago
- Semgrep Community Edition rules, maintained by Semgrep and the community. Free to use under the Semgrep Rules License.☆1,085Updated this week
- DOM fuzzer☆1,769Nov 26, 2024Updated last year
- ☆401Sep 23, 2021Updated 4 years ago
- SubR3con is a script written in python. It uses Sublist3r to enumerate all subdomains of a specific target and then it checks for status …☆18Jul 23, 2019Updated 6 years ago
- ZipArchive 2.1.4 dir traversal 0-Day☆17Aug 30, 2018Updated 7 years ago
- FuzzBench - Fuzzer benchmarking as a service.☆1,185Jan 26, 2026Updated last month
- Scripts for interacting with MSRC portal data☆77Sep 12, 2018Updated 7 years ago
- qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.☆303Feb 12, 2023Updated 3 years ago