crAPI
automatic-api-attack-tool
crAPI | automatic-api-attack-tool | |
---|---|---|
2 | 4 | |
960 | 437 | |
2.3% | 0.7% | |
7.3 | 0.0 | |
4 days ago | 12 months ago | |
Java | Java | |
Apache License 2.0 | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
crAPI
-
how do you guys create your swagger file?
The swagger file for that is available on their repository here: https://github.com/OWASP/crAPI/blob/develop/openapi-spec/openapi-spec.json
- Vulnerable machines for learning
automatic-api-attack-tool
-
Automated API Testing Tools
https://github.com/imperva/automatic-api-attack-tool - attack tool by imperva
- Automated API Testing?
-
5 API testing tools
https://github.com/imperva/automatic-api-attack-tool In the world of cybersecurity, as far as I know, there are also many tools available to help test the security of applications.
What are some alternatives?
cherrybomb - Stop half-done APIs! Cherrybomb is a CLI tool that helps you avoid undefined user behaviour by auditing your API specifications, validating them and running API security tests.
owasp-zap-jwt-addon - OWASP ZAP addon for finding vulnerabilities in JWT Implementations
crapi - A simple API client with built-in segment/header proxy support.
find-sec-bugs - The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)
Astra - Automated Security Testing For REST API's
openapi-generator - OpenAPI Generator allows generation of API client libraries (SDK generation), server stubs, documentation and configuration automatically given an OpenAPI Spec (v2, v3)
APIFuzzer - Fuzz test your application using your OpenAPI or Swagger API definition without coding
ZAP - The ZAP core project
hawk - INACTIVE - HTTP Holder-Of-Key Authentication Scheme
JDA - Java wrapper for the popular chat & VOIP service: Discord https://discord.com
ctfd-account-hook