microsoft / rest-api-fuzz-testingLinks
REST API Fuzz Testing (RAFT): Source code for self-hosted service developed for Azure, including the API, orchestration engine, and default set of security tools (including MSR's RESTler), that enables developers to embed security tooling into their CI/CD workflows
☆263Updated 3 years ago
Alternatives and similar repositories for rest-api-fuzz-testing
Users that are interested in rest-api-fuzz-testing are comparing it to the libraries listed below
Sorting:
- A pytest-inspired, DAST framework, capable of identifying vulnerabilities in a distributed, micro-service ecosystem through chaos enginee…☆222Updated last year
- Collection of tools for analyzing open source packages.☆342Updated 3 weeks ago
- Java Observability Toolkit☆61Updated last year
- The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebas…☆145Updated last year
- SARIF Microsoft Visual Studio Code extension☆117Updated 2 weeks ago
- User-friendly documentation for the SARIF file format.☆309Updated last year
- Software Component Verification Standard (SCVS)☆147Updated 2 months ago
- Fuzz test your application using your OpenAPI or Swagger API definition without coding☆449Updated 3 months ago
- Microsoft Threat Modeling Template files☆189Updated 2 years ago
- OpenAPI 2.0 (Swagger) fuzzer written in python. Basically TnT for your API.☆111Updated 2 years ago
- Fully open-source SAST scanner supporting a range of languages and frameworks. Integrates with major CI pipelines and IDE such as Azure D…☆148Updated 4 years ago
- threatspec - continuous threat modeling, through code☆358Updated 4 years ago
- OWASP Cloud Security - Enabling conversations through threat and control stories☆179Updated 6 years ago
- ☆251Updated 4 years ago
- k8s audit repo☆228Updated 5 years ago
- A cross-platform browser fuzzing framework☆308Updated last week
- Desktop variant of OWASP Threat Dragon☆77Updated 3 years ago
- ClusterFuzzLite - Simple continuous fuzzing that runs in CI.☆492Updated 6 months ago
- Generic SAST Library☆131Updated last week
- ☆196Updated 7 months ago
- Security scanning & static analysis tool☆94Updated 8 months ago
- A Node.js vulnerability finding tool.☆95Updated 4 years ago
- OpenSSF Security Tooling Working Group☆311Updated last year
- A unified DevSecOps Framework that allows you to go from iterative, collaborative Threat Modeling to Application Security Test Orchestrat…☆282Updated last week
- Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and its dependenci…☆844Updated last year
- A tool to automatically build a dependency graph and Software Bill of Materials (SBOM) for packages and arbitrary source code repositorie…☆364Updated 6 months ago
- Segment's Threat Modeling training for our engineers☆243Updated 4 years ago
- A Continuous Threat Modeling methodology☆321Updated 3 years ago
- Prepackaged and precompiled github codeql container for rapid analysis, deployment and development.☆119Updated last year
- RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security…☆2,743Updated 2 months ago