microsoft / restler-fuzzerLinks
RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security and reliability bugs in these services.
☆2,826Updated 3 weeks ago
Alternatives and similar repositories for restler-fuzzer
Users that are interested in restler-fuzzer are comparing it to the libraries listed below
Sorting:
- Fuzz test your application using your OpenAPI or Swagger API definition without coding☆459Updated 8 months ago
- REST API Fuzz Testing (RAFT): Source code for self-hosted service developed for Azure, including the API, orchestration engine, and defau…☆264Updated 3 years ago
- CATS is a REST API Fuzzer and negative testing tool for OpenAPI endpoints. CATS automatically generates, runs and reports tests with min…☆1,304Updated 2 weeks ago
- Black-box fuzzer that fuzzes APIs based on OpenAPI specification. Find bugs for free!☆567Updated last year
- A self-hosted Fuzzing-As-A-Service platform☆2,822Updated 2 years ago
- Semgrep Community Edition rules, maintained by Semgrep and the community. Free to use under the Semgrep Rules License.☆1,012Updated this week
- Open source vulnerability DB and triage service.☆2,362Updated this week
- ClusterFuzzLite - Simple continuous fuzzing that runs in CI.☆506Updated 11 months ago
- OpenSSF Scorecard - Security health metrics for Open Source☆5,127Updated this week
- grep rough audit - source code auditing tool☆1,658Updated 5 months ago
- Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and its dependenci…☆852Updated 2 years ago
- InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable…☆1,687Updated 2 weeks ago
- CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security☆8,887Updated this week
- Find regular expressions which are vulnerable to ReDoS (Regular Expression Denial of Service)☆838Updated last year
- Coverage-guided, in-process fuzzing for the JVM☆1,165Updated this week
- A security focused static analysis tool for Android and Java applications.☆1,194Updated last week
- DevSkim is a set of IDE plugins, language analyzers, and rules that provide security "linting" capabilities.☆962Updated last month
- OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for …☆1,178Updated 3 weeks ago
- A source code analyzer built for surfacing features of interest and other characteristics to answer the question 'What's in the code?' qu…☆4,368Updated 2 weeks ago
- Tutorials, examples, discussions, research proposals, and other resources related to fuzzing☆3,719Updated last year
- Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.☆2,440Updated this week
- Creates CycloneDX Bill of Materials (BOM) for your projects from source and container images. Supports many languages and package manager…☆815Updated this week
- A static analysis tool for securing Go code☆2,174Updated last year
- FuzzBench - Fuzzer benchmarking as a service.☆1,157Updated 9 months ago
- A versatile and portable proxy for capturing, manipulating, and replaying HTTP/HTTPS traffic on the go.☆2,938Updated 3 weeks ago
- Tool to check for dependency confusion vulnerabilities in multiple package management systems☆768Updated last year
- Resources related to GitHub Security Lab☆1,542Updated 2 weeks ago
- LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Reque…☆1,456Updated last year
- Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilit…☆550Updated 3 years ago
- Automated Security Testing For REST API's☆2,614Updated last year