crAPI
owasp-zap-jwt-addon
crAPI | owasp-zap-jwt-addon | |
---|---|---|
2 | 6 | |
960 | 28 | |
2.3% | - | |
7.3 | 1.6 | |
5 days ago | 11 months ago | |
Java | Java | |
Apache License 2.0 | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
crAPI
-
how do you guys create your swagger file?
The swagger file for that is available on their repository here: https://github.com/OWASP/crAPI/blob/develop/openapi-spec/openapi-spec.json
- Vulnerable machines for learning
owasp-zap-jwt-addon
- Hacktoberfest'21
- Hacktoberfest Interesting tasks for contribution
- Owasp VulnerableApp: A VulnerableApplication to help scanner evaluate themselves and also for students to learn about vulnerabilities.
- Owasp ZAP JWT addon for finding vulerabilities in JWT implementations.
-
Scanning and Fuzzing JWT's
In case you are interested in project, visit: https://github.com/SasanLabs/owasp-zap-jwt-addon
What are some alternatives?
cherrybomb - Stop half-done APIs! Cherrybomb is a CLI tool that helps you avoid undefined user behaviour by auditing your API specifications, validating them and running API security tests.
jjwt - Java JWT: JSON Web Token for Java and Android
find-sec-bugs - The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)
ZAP - The ZAP core project
openapi-generator - OpenAPI Generator allows generation of API client libraries (SDK generation), server stubs, documentation and configuration automatically given an OpenAPI Spec (v2, v3)
VulnerableApp - OWASP VulnerableApp Project: For Security Enthusiasts by Security Enthusiasts.
owasp-zap-fileupload-addon - OWASP ZAP add-on for finding vulnerabilities in File Upload functionality.
automatic-api-attack-tool - Imperva's customizable API attack tool takes an API specification as an input, generates and runs attacks that are based on it as an output.
VulnerableApp-facade - VulnerableApp-facade is probably most modern lightweight distributed farm of Vulnerable Applications built for handling wide range of vulnerabilities across tech stacks.
JDA - Java wrapper for the popular chat & VOIP service: Discord https://discord.com
ctfd-account-hook