Repository navigation

#

api-security

jassics / security-study-plan 

Complete Practical Study Plan to become a successful cybersecurity engineer based on roles like Pentest, AppSec, Cloud Security, DevSecOps and so on...

aws-securitystudy-guidestudy-planappsecappsec-tutorialsazure-securitydevsecops-universitygcp-securitypentestingapplication-securityCybersecuritysecurity-testingapi-security
4671
22 天前
arainho / awesome-api-security 

A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the community.

api-securityapi-secAwesome Listsapi-hackingapi-pentestapisec安全pentestFuzzing/Fuzz testingCybersecurity
3379
4 个月前
API-Security / APIKit 

APIKit:Discovery, Scan and Audit APIs Toolkit All In One.

burp-extensionsapisecapi-securityapi-sec
Java
2154
1 年前
inonshk / 31-days-of-API-Security-Tips 

This challenge is Inon Shkedy's 31 days API Security Tips.

pentestapi-pentestBug Bountyapi-security安全bugbountytipsCybersecurity
2146
3 年前
HolyBugx/HolyTips
HolyBugx / HolyTips 

A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.

安全WebWeb appwebsecurityBug Bountybugbountytipsbugbounty-writeupspentestpentestingwriteupsAPIapi-securitychecklist
1895
4 年前
metlo-labs / metlo 

Metlo is an open-source API security platform.

安全APIapi-securityapplication-securityCybersecurity监控vulnerabilitiesvulnerability-detectionmetloapi-pentestAmazon Web ServicesBug Bountybugbounty-toolsinfosectoolspentest
TypeScript
1725
1 个月前
wallarm / gotestwaf 

An open-source project in Golang to asess different API Security tools and WAF for detection logic and bypasses

owaspapi-security安全Bug Bountywafweb-application-securityweb-application-firewallsecurity-testinggraphql-security
Go
1706
19 天前
Safe3/uusec-waf
Safe3 / uusec-waf 

Industry-leading free, high-performance, AI and semantic technology Web Application Firewall and API Security Gateway (WAAP) - UUSEC WAF.

wafapplication-securityweb-application-firewallmodsecurityweb-security-gatewayAPIapi-securitywaap安全ddosowasphipsraspdata-maskxsssql-injectionuusecuusec-wafuuwafletsencrypt
Lua
1387
17 小时前
akto-api-security / akto 

Proactive, Open source API security → API discovery, API Security Posture, Testing in CI/CD, Test Library with 1000+ Tests, Add custom tests, Sensitive data exposure

api-securityapi-discoveryapi-security-testingapi-testingAuthenticationAuthorizationdevsecopsidorowasp-top-10安全security-testingsensitive-data-exposurethreat-detectionHacktoberfesthacktoberfest2023devsecops-pipeline
Java
1371
9 小时前
openappsec / openappsec 

open-appsec is a machine learning security engine that preemptively and automatically prevents threats against Web Application & APIs. This repo include the main code and logic.

api-securityapplication-securityKubernetesnginxweb-application-firewallappsecdevsecopskongrate-limiting安全wafowaspowasp-top-ten
C++
1318
8 天前
blst-security/cherrybomb
blst-security / cherrybomb 

Stop half-done APIs! Cherrybomb is a CLI tool that helps you avoid undefined user behaviour by auditing your API specifications, validating them and running API security tests.

firecracker命令行界面cyberCybersecuritybusiness-logic安全APIapi-securitybest-practicesHTTPOpenAPI Specificationopenapi3Open Sourcewebsecurityweb-security
Rust
1206
10 个月前
Zeyad-Azima / Offensive-Resources 

A Huge Learning Resources with Labs For Offensive Security Players

APIinfrastructurelearning安全移动WebhackHackingowaspCybersecurityweb-securitymobile-securityoffensiveoffensive-securityred-teamowasp-top-10redteamcloud-securityapi-securityred-teaming
981
3 年前
dsopas / MindAPI 

Organize your API security assessment by using MindAPI. It's free and open for community collaboration.

Hackingmethodologymindmapapi-security
847
7 天前
wallarm / awesome-nginx-security 

🔥 A curated list of awesome links related to application security related to the environments with NGINX or Kubernetes Ingres Controller (based on NGINX)

nginxmodsecuritywafnaxsiAwesome Lists安全webserverload-balancernginx-servernginx-configurationKubernetesapplication-securityapi-securityapigateway
771
2 年前
Mehdi0x90 / Web_Hacking 

Bug Bounty Tricks and useful payloads and bypasses for Web Application Security.

api-pentestBug BountyHackingpayloadspenetration-testingReconnaissanceweb-application-securitywebhackingwebsecuritybypasscheatsheetpentest安全vulnerabilityExploitapi-securitybug-bounty-huntersowaspenumerationredteam
648
6 天前
OWASP / OFFAT 

The OWASP OFFAT tool autonomously assesses your API for prevalent vulnerabilities, though full compatibility with OAS v3 is pending. The project remains a work in progress, continuously evolving towards completion.

api-hackingAPIapi-securityapi-security-testingowaspoffat
Python
639
1 个月前
wallarm / api-firewall 

Fast and light-weight API proxy firewall for request and response validation by OpenAPI specs.

proxyfirewallwafAPIapigateway安全api-securityOpenAPI Specificationswaggerweb-application-securityweb-application-firewall
Go
629
2 天前
openclarity / apiclarity 

An API security tool to capture and analyze API traffic, test API endpoints, reconstruct Open API specification, and identify API security risks. 

Kubernetes微服务api-securityswaggerOpenAPI Specificationservice-meshWebAssemblyistioenvoy
Go
545
10 个月前
adhocore / php-jwt 

Ultra lightweight, dependency free and standalone JSON web token (JWT) library for PHP5.6 to PHP8.4+. This library makes JWT a cheese. It is a minimal JWT integration for PHP.

PHPJSON Web Tokensapi-securityOAuth 2.0json-web-signature
PHP
298
6 个月前
yogsec / API-Pentesting-Tools 

API Pentesting Tools are specialized security tools used to test and analyze the security of Application Programming Interfaces (APIs).

APIapi-securityapi-security-testingapi-hackingapi-secCybersecurityOSINTethical-hacking-toolsPython工具
225
5 个月前