Our great sponsors
-
-
ideas
:rocket: Ideas for everyone under a CC licence. Feel free to use. I'll send you a postcard if you build anything on this list. (by captn3m0)
Almost exactly a fit against my idea[1] to generate OpenAPI from HAR files.
[1]: https://github.com/captn3m0/ideas#openapi-specification-gene...
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
-
This is really incredible. With a rooted android phone and these tools, plus a couple others [1], you can basically reimplement anything in a weekend.
-
apiclarity
An API security tool to capture and analyze API traffic, test API endpoints, reconstruct Open API specification, and identify API security risks.
Hi, I would also like to add another tool I'm contributing to at work (cisco) called APIClarity [1]. It aims at reconstructing swagger specifications of REST microservices running in K8S, but can also be run locally.
This is a challenging task and we don't support OpenAPI v3 specs yet (we are working on it).
Feel free to have a look, and get ideas from it :)
We'll also be presenting it at next Kubecon 2022.
-
Very nice!
On the same note, I wrote a program to generate Python code (requests) from a HAR capture: https://github.com/louisabraham/har2requests
I think using HAR captures is simpler for the end user than spawning mitmproxy as they don't require any installation and are extracted from the network tab of the browser devtools. Is there a reason why you didn't use them?
-
mitmproxy
An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.
mitmproxy (https://mitmproxy.org/) has scripting support that will let you do most of this.
For example, you can expose mitmproxy, listen to HTTP requests for a specific host (using this API: https://docs.mitmproxy.org/stable/api/mitmproxy/http.html), intercept the request, do whatever API calls you need, and inject a response without ever forwarding the request to the original server.
Alternatively, you could modify the request and then change the request destination, like in this example here: https://docs.mitmproxy.org/stable/addons-examples/#http-redi.... Using the WSGI support, you could even use normal Python annotations to build your own API without doing too much pattern matching: https://docs.mitmproxy.org/stable/addons-examples/#wsgi-flas...
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
cats
CATS is a REST API Fuzzer and negative testing tool for OpenAPI endpoints. CATS automatically generates, runs and reports tests with minimum configuration and no coding effort. Tests are self-healing and do not require maintenance. (by Endava)
This is great :) You can then fuzz your APIs for issues using https://github.com/Endava/cats.