owasp-zap-jwt-addon
crAPI
owasp-zap-jwt-addon | crAPI | |
---|---|---|
6 | 2 | |
28 | 963 | |
- | 2.6% | |
1.6 | 7.3 | |
11 months ago | 3 days ago | |
Java | Java | |
Apache License 2.0 | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
owasp-zap-jwt-addon
- Hacktoberfest'21
- Hacktoberfest Interesting tasks for contribution
- Owasp VulnerableApp: A VulnerableApplication to help scanner evaluate themselves and also for students to learn about vulnerabilities.
- Owasp ZAP JWT addon for finding vulerabilities in JWT implementations.
-
Scanning and Fuzzing JWT's
In case you are interested in project, visit: https://github.com/SasanLabs/owasp-zap-jwt-addon
crAPI
-
how do you guys create your swagger file?
The swagger file for that is available on their repository here: https://github.com/OWASP/crAPI/blob/develop/openapi-spec/openapi-spec.json
- Vulnerable machines for learning
What are some alternatives?
jjwt - Java JWT: JSON Web Token for Java and Android
cherrybomb - Stop half-done APIs! Cherrybomb is a CLI tool that helps you avoid undefined user behaviour by auditing your API specifications, validating them and running API security tests.
ZAP - The ZAP core project
find-sec-bugs - The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)
VulnerableApp - OWASP VulnerableApp Project: For Security Enthusiasts by Security Enthusiasts.
openapi-generator - OpenAPI Generator allows generation of API client libraries (SDK generation), server stubs, documentation and configuration automatically given an OpenAPI Spec (v2, v3)
owasp-zap-fileupload-addon - OWASP ZAP add-on for finding vulnerabilities in File Upload functionality.
VulnerableApp-facade - VulnerableApp-facade is probably most modern lightweight distributed farm of Vulnerable Applications built for handling wide range of vulnerabilities across tech stacks.
automatic-api-attack-tool - Imperva's customizable API attack tool takes an API specification as an input, generates and runs attacks that are based on it as an output.
JDA - Java wrapper for the popular chat & VOIP service: Discord https://discord.com
ctfd-account-hook