api-security
There are 213 repositories under api-security topic.
jassics/security-study-plan
Complete Practical Study Plan to become a successful cybersecurity engineer based on roles like Pentest, AppSec, Cloud Security, DevSecOps and so on...
arainho/awesome-api-security
A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the community.
inonshk/31-days-of-API-Security-Tips
This challenge is Inon Shkedy's 31 days API Security Tips.
API-Security/APIKit
APIKit:Discovery, Scan and Audit APIs Toolkit All In One.
HolyBugx/HolyTips
A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.
metlo-labs/metlo
Metlo is an open-source API security platform.
wallarm/gotestwaf
An open-source project in Golang to asess different API Security tools and WAF for detection logic and bypasses
Safe3/uusec-waf
Industry-leading free, high-performance, AI and semantic technology Web Application Firewall and API Security Gateway (WAAP) - UUSEC WAF.
akto-api-security/akto
Proactive, Open source API security → API discovery, API Security Posture, Testing in CI/CD, Test Library with 1000+ Tests, Add custom tests, Sensitive data exposure
openappsec/openappsec
open-appsec is a machine learning security engine that preemptively and automatically prevents threats against Web Application & APIs. This repo include the main code and logic.
blst-security/cherrybomb
Stop half-done APIs! Cherrybomb is a CLI tool that helps you avoid undefined user behaviour by auditing your API specifications, validating them and running API security tests.
Zeyad-Azima/Offensive-Resources
A Huge Learning Resources with Labs For Offensive Security Players
dsopas/MindAPI
Organize your API security assessment by using MindAPI. It's free and open for community collaboration.
wallarm/awesome-nginx-security
🔥 A curated list of awesome links related to application security related to the environments with NGINX or Kubernetes Ingres Controller (based on NGINX)
Mehdi0x90/Web_Hacking
Bug Bounty Tricks and useful payloads and bypasses for Web Application Security.
OWASP/OFFAT
The OWASP OFFAT tool autonomously assesses your API for prevalent vulnerabilities, though full compatibility with OAS v3 is pending. The project remains a work in progress, continuously evolving towards completion.
wallarm/api-firewall
Fast and light-weight API proxy firewall for request and response validation by OpenAPI specs.
openclarity/apiclarity
An API security tool to capture and analyze API traffic, test API endpoints, reconstruct Open API specification, and identify API security risks.
adhocore/php-jwt
Ultra lightweight, dependency free and standalone JSON web token (JWT) library for PHP5.6 to PHP8.4+. This library makes JWT a cheese. It is a minimal JWT integration for PHP.
mytechnotalent/Go-Hacking
A FREE comprehensive online Go hacking tutorial utilizing the x64, ARM64 and ARM32 architectures going step-by-step into the world of reverse engineering Golang from scratch.
TPIsoftwareOSPO/digiRunner-Open-Source
digiRunner: Your API Gateway for Microservices
cerberauth/vulnapi
API Security Vulnerability Scanner designed to help you secure your APIs.
piomin/sample-spring-oauth2-microservices
some examples that show basic and more advanced implementations of oauth2 authorization mechanism in spring-cloud microservices environment
CyberAlbSecOP/Awesome_CyberSec_Bible
Cyber-Security Bible! Theory and Tools, Kali Linux, Penetration Testing, Bug Bounty, CTFs, Malware Analysis, Cryptography, Secure Programming, Web App Security, Cloud Security, Devsecops, Ethical Hacking, Social Engineering, Privacy, Incident Response, Threat Assestment, Personal Security, Ai Security, Android Security, Iot Security, Standards.
abunuwas/fencer
Automated API security testing
approov/shipfast-api-protection
Learn practical Mobile and API security techniques: API Key, Static and Dynamic HMAC, Dynamic Certificate Pinning, and Mobile App Attestation.
Escape-Technologies/graphql-security-academy
🔒 A free, open-source platform dedicated to understand and secure GraphQL applications — all directly in your browser!
ionutbalosin/java-application-security-practices
Application security best practices and code implementations for Java developers. This project is intended for didactic purposes only, supporting my training course.
OWASP/www-project-api-security
OWASP Foundation Web Repository
aws-samples/step-up-auth
How to implement Step-up Authentication using Amazon Cognito
dotnet-labs/HerokuContainer
Dockerized ASP.NET Core Web API app in Heroku
chambits/nest-keycloak-oauth
Secure NestJs Rest API with Keycloak
light-hat/immunity
In progress. Interactive Analysis Platform for Distributed Debugging and Security Testing (IAST, SCA).
wallarm/docker-wallarm-node
⚡️ Official docker image for Wallarm Node. API security platform agent.
approov/AppAuth-OAuth2-Books-Demo
A companion repo for the blog article: https://blog.approov.io/adding-oauth2-to-mobile-android-and-ios-clients-using-the-appauth-sdk
itrondi/api-crypto-spring-boot
api-crypto-spring-boot 是基于 Spring Boot 开发的控制器统一注解方式自动加解密 请求体、响应体 的启动器,该组件能够提供在 接口交互过程中数据的安全保护能力。支持常见的 加解密算法、编码、签名 等模式;