api-security
There are 165 repositories under api-security topic.
jassics/security-study-plan
Complete Practical Study Plan to become a successful cybersecurity engineer based on roles like Pentest, AppSec, Cloud Security, DevSecOps and so on...
arainho/awesome-api-security
A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the community.
inonshk/31-days-of-API-Security-Tips
This challenge is Inon Shkedy's 31 days API Security Tips.
API-Security/APIKit
APIKit:Discovery, Scan and Audit APIs Toolkit All In One.
HolyBugx/HolyTips
A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.
metlo-labs/metlo
Metlo is an open-source API security platform.
wallarm/gotestwaf
An open-source project in Golang to asess different API Security tools and WAF for detection logic and bypasses
akto-api-security/akto
Proactive, Open source API security → API discovery, API Security Posture, Testing in CI/CD, Test Library with 1000+ Tests, Add custom tests, Sensitive data exposure
blst-security/cherrybomb
Stop half-done APIs! Cherrybomb is a CLI tool that helps you avoid undefined user behaviour by auditing your API specifications, validating them and running API security tests.
openappsec/openappsec
open-appsec is a machine learning security engine that preemptively and automatically prevents threats against Web Application & APIs. This repo include the main code and logic.
Zeyad-Azima/Offensive-Resources
A Huge Learning Resources with Labs For Offensive Security Players
Safe3/uuWAF
An industry-leading free, high-performance, AI and semantic technology Web Application Firewall and API Security Gateway (WAAP) - UUSEC WAF.
dsopas/MindAPI
Organize your API security assessment by using MindAPI. It's free and open for community collaboration.
wallarm/awesome-nginx-security
🔥 A curated list of awesome links related to application security related to the environments with NGINX or Kubernetes Ingres Controller (based on NGINX)
OWASP/OFFAT
The OWASP OFFAT tool autonomously assesses your API for prevalent vulnerabilities, though full compatibility with OAS v3 is pending. The project remains a work in progress, continuously evolving towards completion.
wallarm/api-firewall
Fast and light-weight API proxy firewall for request and response validation by OpenAPI specs.
openclarity/apiclarity
An API security tool to capture and analyze API traffic, test API endpoints, reconstruct Open API specification, and identify API security risks.
Mehdi0x90/Web_Hacking
Bug Bounty Tricks and useful payloads and bypasses for Web Application Security.
adhocore/php-jwt
Ultra lightweight, dependency free and standalone JSON web token (JWT) library for PHP5.6 to PHP8.4+. This library makes JWT a cheese. It is a minimal JWT integration for PHP.
mytechnotalent/Go-Hacking
A FREE comprehensive online Go hacking tutorial utilizing the x64, ARM64 and ARM32 architectures going step-by-step into the world of reverse engineering Golang from scratch.
TPIsoftwareOSPO/digiRunner-Open-Source
digiRunner: Your API Gateway for Microservices
piomin/sample-spring-oauth2-microservices
some examples that show basic and more advanced implementations of oauth2 authorization mechanism in spring-cloud microservices environment
cerberauth/vulnapi
API Security Vulnerability Scanner designed to help you secure your APIs.
abunuwas/fencer
Automated API security testing
approov/shipfast-api-protection
Learn practical Mobile and API security techniques: API Key, Static and Dynamic HMAC, Dynamic Certificate Pinning, and Mobile App Attestation.
CyberAlbSecOP/Awesome_CyberSec_Bible
Cyber-Security Bible! Theory and Tools, Kali Linux, Penetration Testing, Bug Bounty, CTFs, Malware Analysis, Cryptography, Secure Programming, Web App Security, Cloud Security, Devsecops, Ethical Hacking, Social Engineering, Privacy, Incident Response, Threat Assestment, Personal Security, Ai Security, Android Security, Iot Security, Standards.
Escape-Technologies/graphql-security-academy
🔒 A free, open-source platform dedicated to understand and secure GraphQL applications — all directly in your browser!
OWASP/www-project-api-security
OWASP Foundation Web Repository
aws-samples/step-up-auth
How to implement Step-up Authentication using Amazon Cognito
dotnet-labs/HerokuContainer
Dockerized ASP.NET Core Web API app in Heroku
chambits/nest-keycloak-oauth
Secure NestJs Rest API with Keycloak
wallarm/docker-wallarm-node
⚡️ Official docker image for Wallarm Node. API security platform agent.
ionutbalosin/java-application-security-practices
Application security best practices and code implementations for Java developers. This project is intended for didactic purposes only, supporting my training course.
approov/AppAuth-OAuth2-Books-Demo
A companion repo for the blog article: https://blog.approov.io/adding-oauth2-to-mobile-android-and-ios-clients-using-the-appauth-sdk
miztiik/secure-private-api
AWS API Gateway Security Deep dive
itrondi/api-crypto-spring-boot
api-crypto-spring-boot 是基于 Spring Boot 开发的控制器统一注解方式自动加解密 请求体、响应体 的启动器,该组件能够提供在 接口交互过程中数据的安全保护能力。支持常见的 加解密算法、编码、签名 等模式;