apisecurity

API Security Project aims to present unique attack & defense methods in API Security field

completely ridiculous API (crAPI)

A deliberately vulnerable banking application designed for practicing Security Testing of Web App, APIs, AI integrated App and secure code reviews. Features common vulnerabilities found in real-world applications, making it an ideal platform for security professionals, developers, and enthusiasts to learn pentesting and secure coding practices.

A built-to-be-vulnerable API application based on the OWASP top 10 API vulnerabilities. Use c{api}tal to learn, train and exploit API Security vulnerabilities within your own API Security CTF.

This repository was developed using .NET 7.0 API technology based on findings listed in the OWASP 2019 API Security Top 10.

Tests your API automatically for common API vulnerabilities. Project is still Work In Progress. PRs are appreciated.

API Penetration Testing Notes

This application contains intentional security vulnerabilities and should never be deployed in production environments or exposed to the internet. Use only in controlled, isolated environments for security training, demonstrations, and testing. This lab was originally created by TheCyberpunker - Luis Uribe, a security researcher from our company.

This is a Python based API-Security framework containing ApiSecurityHeader.py script which will check the Security response headers mentioned in OWASP Secure Headers Project are present and contains the required value.

Learning Frontend Development starting with basics of HTML , CSS and JavaScript . Future plan include learning MERN stack and continuing with Backend Development.

A complete package for security testing of REST, SOAP and GraphQL APIs for vulnerabilities.

Complete Package of API Firewalll (wallarm) with controller and panel

This project showcases a comprehensive implementation of authorization and middleware in a Laravel application. The focus is on demonstrating how to manage user permissions and protect routes using Laravel’s built-in authorization features and custom middleware.

OWASP (Open Web Application Security Project) publishes a list of the top 10 security risks associated with web applications, including those related to APIs (Application Programming Interfaces). Here are the OWASP API Security Top 10 vulnerabilities, explained

An API to manage personal finances with expense tracking, budgeting, and analytics features.

Built TechVault API, a FastAPI-based tool that fetches and summarizes MDN Web Docs for developers. It streamlines documentation lookup, enhances readability, and ensures secure, efficient access. Excited to keep improving it with more sources and AI-powered summarization!

In this repo, I share blog posts, hacking tricks, detailed writeups, insightful articles, CTF challenges, and anything else related to application security and API security that I learn along the way. Join me on this journey as we explore the exciting realm of digital defense together.