Top 14 api-security Open-Source Projects

• security-study-plan

  3 4,108 6.4

  Complete Practical Study Plan to become a successful cybersecurity engineer based on roles like Pentest, AppSec, Cloud Security, DevSecOps and so on...

• awesome-api-security

  5 2,730 6.6

  A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the community.

Project mention: FLaNK Stack Weekly for 27 November 2023 | dev.to | 2023-11-27

• InfluxDB

  www.influxdata.com sponsored

  Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

  

• 31-days-of-API-Security-Tips

  2 2,057 0.0

  This challenge is Inon Shkedy's 31 days API Security Tips.

• HolyTips

  2 1,685 4.1

  A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.

• metlo

  21 1,567 6.0 TypeScript

  Metlo is an open-source API security platform.

  

Project mention: Using Metlo to Secure My Personal Finance App | dev.to | 2023-06-29

So far, I’ve been using Metlo's protection features to initially test out its capabilities on my app, but there’s still a whole other Testing feature that it has that I'm starting to look into. Everything I’ve tried out has been pretty quick and easy so hopefully I can play around with the Testing more to help me catch any other authentication or authorization vulnerabilities that might exist in my app. If this is something that interests you, you can check it out at https://metlo.com .

• gotestwaf

  5 1,410 7.1 Go

  An open-source project in Golang to asess different API Security tools and WAF for detection logic and bypasses

  

• cherrybomb

  63 1,042 6.8 Rust

  Stop half-done APIs! Cherrybomb is a CLI tool that helps you avoid undefined user behaviour by auditing your API specifications, validating them and running API security tests.

  

Project mention: Cherrybomb: Audit, validate and test API specifications | news.ycombinator.com | 2023-11-22

• WorkOS

  workos.com sponsored

  The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.

  

• akto

  2 823 9.9 Java

  Proactive, Open source API security → API discovery, Testing in CI/CD, Test Library with 150+ Tests, Add custom tests, Sensitive data exposure

  

Project mention: Open source vulnerability scanner | /r/cybersecurity | 2023-12-05

Qualys is good. For open source vulnerability scanner for APIs - you can also try https://github.com/akto-api-security/akto

• MindAPI

  2 775 7.3

  Organize your API security assessment by using MindAPI. It's free and open for community collaboration.

• openappsec

  23 661 8.8 C++

  open-appsec is an open-source machine learning security engine that preemptively and automatically prevents threats against Web Application & APIs. It is available for NGINX, NGINX Ingress, Envoy (Soon), Kong (Soon), Ambassador (Soon).

  

Project mention: Seeking contributors for a security open-source project | /r/developersIndia | 2023-09-16

If someone in the community is interested in doing these projects, we will be happy to guide and help you. The contributions guidelines are available here: https://github.com/openappsec/openappsec/blob/main/CONTRIBUTING.md

• api-firewall

  15 531 6.9 Go

  Fast and light-weight API proxy firewall for request and response validation by OpenAPI specs.

  

Project mention: api-firewall VS asteria - a user suggested alternative | libhunt.com/r/api-firewall | 2023-08-27

• apiclarity

  9 471 4.0 Go

  An API security tool to capture and analyze API traffic, test API endpoints, reconstruct Open API specification, and identify API security risks. 

  

Project mention: Two approaches to make your APIs more secure | dev.to | 2023-08-29

We'll install APIClarity into a Kubernetes cluster to test our API documentation. We're using a Kind cluster for demonstration purposes. Of course, if you have another Kubernetes cluster up and running elsewhere, all steps also work there.

• Web_Hacking

  1 186 9.2

  Bug Bounty Tricks and useful payloads and bypasses for Web Application Security.

Project mention: Web Hacking Toolbox | news.ycombinator.com | 2023-10-05

• Go-Hacking

  1 170 5.9 Go

  A FREE comprehensive online Go hacking tutorial utilizing the x64, ARM64 and ARM32 architectures going step-by-step into the world of reverse engineering Golang from scratch.

• SaaSHub

  www.saashub.com sponsored

  SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

  

api-security related posts

• Open source vulnerability scanner
  2 projects | /r/cybersecurity | 5 Dec 2023
• FLaNK Stack Weekly for 27 November 2023
  28 projects | dev.to | 27 Nov 2023
• Seeking contributors for a security open-source project
  1 project | /r/developersIndia | 16 Sep 2023
• open-appsec seeking contributors
  1 project | /r/opensource | 20 Jul 2023
• API Security Testing
  2 projects | /r/cybersecurity | 27 Mar 2023
• List of API Security tools and resources
  1 project | /r/CKsTechNews | 5 Mar 2023
• Deep Dive into open-appsec Machine Learning Technology
  1 project | /r/devops | 15 Feb 2023
• A note from our sponsor - InfluxDB
  www.influxdata.com | 27 Apr 2024

  Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality. Learn more →

Index

Sponsored

SaaSHub - Software Alternatives and Reviews

SaaSHub helps you find the best software and product alternatives

www.saashub.com