microsoft / restler-fuzzerLinks
RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security and reliability bugs in these services.
☆2,836Updated 2 weeks ago
Alternatives and similar repositories for restler-fuzzer
Users that are interested in restler-fuzzer are comparing it to the libraries listed below
Sorting:
- Fuzz test your application using your OpenAPI or Swagger API definition without coding☆462Updated 8 months ago
- REST API Fuzz Testing (RAFT): Source code for self-hosted service developed for Azure, including the API, orchestration engine, and defau…☆265Updated 3 years ago
- CATS is a REST API Fuzzer and negative testing tool for OpenAPI endpoints. CATS automatically generates, runs and reports tests with min…☆1,310Updated last week
- Black-box fuzzer that fuzzes APIs based on OpenAPI specification. Find bugs for free!☆572Updated last year
- A self-hosted Fuzzing-As-A-Service platform☆2,822Updated 2 years ago
- Semgrep Community Edition rules, maintained by Semgrep and the community. Free to use under the Semgrep Rules License.☆1,021Updated last week
- Tutorials, examples, discussions, research proposals, and other resources related to fuzzing☆3,726Updated last year
- Open Source Package Analysis☆857Updated 7 months ago
- DevSkim is a set of IDE plugins, language analyzers, and rules that provide security "linting" capabilities.☆967Updated last week
- ☆1,545Updated last week
- Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.☆13,431Updated this week
- Find regular expressions which are vulnerable to ReDoS (Regular Expression Denial of Service)☆839Updated last year
- ClusterFuzzLite - Simple continuous fuzzing that runs in CI.☆509Updated 11 months ago
- The SBOM tool is a highly scalable and enterprise ready tool to create SPDX 2.2 compatible SBOMs for any variety of artifacts.☆1,937Updated this week
- Coverage-guided, in-process fuzzing for the JVM☆1,175Updated this week
- OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for …☆1,183Updated last week
- Stop half-done APIs! Cherrybomb is a CLI tool that helps you avoid undefined user behaviour by auditing your API specifications, validati…☆1,223Updated last year
- Open source vulnerability DB and triage service.☆2,378Updated last week
- Open-source code analysis platform for C/C++/Java/Binary/Javascript/Python/Kotlin based on code property graphs. Discord https://discord.…☆2,734Updated this week
- grep rough audit - source code auditing tool☆1,661Updated 6 months ago
- weggli is a fast and robust semantic search tool for C and C++ codebases. It is designed to help security researchers identify interestin…☆2,459Updated last year
- FuzzBench - Fuzzer benchmarking as a service.☆1,161Updated 9 months ago
- Automated Security Testing For REST API's☆2,626Updated last year
- Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and its dependenci…☆855Updated 2 years ago
- An API security tool to capture and analyze API traffic, test API endpoints, reconstruct Open API specification, and identify API securit…☆559Updated last year
- A Pythonic framework for threat modeling☆1,069Updated last week
- User-friendly documentation for the SARIF file format.☆329Updated last year
- Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.☆2,054Updated this week
- A security focused static analysis tool for Android and Java applications.☆1,199Updated this week
- ⚙️ A curated list of dynamic analysis tools and linters for all programming languages, binaries, and more.☆1,050Updated 2 months ago