Code Monkey home page Code Monkey logo

awesome-api-security's Introduction

awesome-apisec

A collection of awesome API Security tools and resources.

Awesome Repositories

Repository Description
awesome-security-apis A collective list of public JSON APIs for use in security

Tools

Repository Description
Arjun HTTP parameter discovery suite
fuzzapi Fuzzapi is a tool used for REST API pentesting and uses API_Fuzzer gem
kiterunner Contextual Content Discovery Tool
MindAPI Organize your API security assessment by using MindAPI

Cheatsheets

Website Description
owasp-api-security-top-10 OWASP API Security Top 10

Wiki's / Encyclopedias

Website Description
API Security Encyclopedia APIsecurity.io - API Security Encyclopedia

Checklist

Repository Description
API-Security-Checklist Checklist of the most important security countermeasures when designing, testing, and releasing your API

Training / Labs

Website Description
Kontra - OWASP Top 10 for API Is a series of free interactive application security training modules that teach developers how to identify and mitigate security vulnerabilities in their web API endpoints.
Pentesting Lab: vAPI vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable PHP Interface that mimics OWASP API Top 10 scenarios in the means of Exercises.

Presentations / Videos

Website Description
pentesting-rest-apis Pentesting Rest API's by :- Gaurang Bhatnagar
Securing your APIs “How Secure are you APIs?” - Securing your APIs: OWASP API Top 10 2019, Case Study and Demo
api-security-testing-for-hackers API Security Testing For Hackers
bad-api-hapi-hackers Bad API, hAPI Hackers!
disclosing-information-via-your-apis Hidden in Plain Site: Disclosing Information via Your APIs
rest-in-peace-abusing-graphql REST in Peace: Abusing GraphQL to Attack Underlying Infrastructure

Projects

Project Description
owasp api security project OWASP API Security Project - API Security Top 10

Newsletters

Newsletter Description
api security articles API Security Articles - The Latest API Security News, Vulnerabilities & Best Practices

Other useful repositories

Website Description
31-days-of-API-Security-Tips This challenge is Inon Shkedy's 31 days API Security Tips.
Awesome REST A collaborative list of great resources about RESTful API architecture, development, test, and performance. Feel free to contribute to this on-going list.
How to design a REST API How to design a REST API? - Full guide tackling security, pagination, filtering, versioning, partial answers, CORS, etc.
API Penetration Testing API Penetration Testing with OWASP 2017 Test Cases
api-security-testing-how-to-hack API Security Testing – How to Hack an API and Get Away with It (Part 1 of 3)
GraphQL penetration testing How to exploit GraphQL endpoint: introspection, query, mutations & tools

awesome-api-security's People

Contributors

arainho avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.