Alternatives and similar repositories for rest-api-fuzz-testing

Users that are interested in rest-api-fuzz-testing are comparing it to the libraries listed below

• Yelp / fuzz-lightyear
  A pytest-inspired, DAST framework, capable of identifying vulnerabilities in a distributed, micro-service ecosystem through chaos enginee…
  ☆226Updated last year
• microsoft / OSSGadget
  Collection of tools for analyzing open source packages.
  ☆356Updated 2 weeks ago
• ossf-cve-benchmark / ossf-cve-benchmark
  The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebas…
  ☆160Updated last year
• microsoft / sarif-vscode-extension
  SARIF Microsoft Visual Studio Code extension
  ☆132Updated 2 weeks ago
• planetlevel / jot
  Java Observability Toolkit
  ☆62Updated last year
• microsoft / threat-modeling-templates
  Microsoft Threat Modeling Template files
  ☆200Updated 3 years ago
• microsoft / sarif-web-component
  A React-based component for viewing SARIF files.
  ☆102Updated last year
• google / clusterfuzzlite
  ClusterFuzzLite - Simple continuous fuzzing that runs in CI.
  ☆519Updated 2 months ago
• microsoft / DevSkim
  DevSkim is a set of IDE plugins, language analyzers, and rules that provide security "linting" capabilities.
  ☆970Updated this week
• ossf / wg-security-tooling
  OpenSSF Security Tooling Working Group
  ☆320Updated 7 months ago
• KissPeter / APIFuzzer
  Fuzz test your application using your OpenAPI or Swagger API definition without coding
  ☆465Updated 11 months ago
• google / security-crawl-maze
  Security Crawl Maze is a comprehensive testbed for web security crawlers. It contains pages representing many ways in which one can link …
  ☆165Updated 2 months ago
• threatspec / threatspec
  threatspec - continuous threat modeling, through code
  ☆377Updated 5 years ago
• AppThreat / sast-scan
  Fully open-source SAST scanner supporting a range of languages and frameworks. Integrates with major CI pipelines and IDE such as Azure D…
  ☆150Updated 5 years ago
• microsoft / codeql-container
  Prepackaged and precompiled github codeql container for rapid analysis, deployment and development.
  ☆122Updated 2 years ago
• microsoft / sarif-tutorials
  User-friendly documentation for the SARIF file format.
  ☆337Updated 2 years ago
• OWASP / Software-Component-Verification-Standard
  Software Component Verification Standard (SCVS)
  ☆153Updated 10 months ago
• BBVA / apicheck
  The DevSecOps toolset for REST APIs
  ☆278Updated 3 years ago
• cve-search / git-vuln-finder
  Finding potential software vulnerabilities from git commit messages
  ☆419Updated 2 years ago
• MozillaSecurity / grizzly
  A cross-platform browser fuzzing framework
  ☆319Updated 3 weeks ago
• OWASP / threat-dragon-desktop
  Desktop variant of OWASP Threat Dragon
  ☆77Updated 4 years ago
• Teebytes / TnT-Fuzzer
  OpenAPI 2.0 (Swagger) fuzzer written in python. Basically TnT for your API.
  ☆111Updated 3 years ago
• owasp-cloud-security / owasp-cloud-security
  OWASP Cloud Security - Enabling conversations through threat and control stories
  ☆182Updated 7 years ago
• advanced-security / codeql-workshops-staging
  Original workshops and staging area for new ones
  ☆16Updated 7 months ago
• google / path-auditor
  ☆252Updated 5 years ago
• microsoft / oss-ssc-framework
  Open Source Software Secure Supply Chain Framework
  ☆239Updated 3 years ago
• thought-machine / dracon
  Security scanning & static analysis tool
  ☆93Updated last year
• OWASP / threat-modeling-playbook
  ☆35Updated 3 years ago
• trailofbits / it-depends
  A tool to automatically build a dependency graph and Software Bill of Materials (SBOM) for packages and arbitrary source code repositorie…
  ☆381Updated last week
• bureado / awesome-software-supply-chain-security
  A compilation of resources in the software supply chain security domain, with emphasis on open source
  ☆344Updated 2 years ago