28 results found Sort:

jassics
security-study-plan jassics
546
4.4k
unknown
109
Complete Practical Study Plan to become a successful cybersecurity engineer based on roles like Pentest, AppSec, Cloud Security, DevSecOps and so on...
appsec infosec pentesting study-plan study-guide api-security aws-security gcp-security cybersecurity study-planner azure-security appsec-tutorials security-testing application-security devsecops-university cybersecurity-education
Created 2022-04-19
91 commits to main branch, last one 21 days ago
arainho
awesome-api-security arainho
512
3.1k
gpl-3.0
69
A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the community.
apisec api-sec fuzzing infosec pentest security api-hacks api-hacking api-hunting api-pentest api-security awesome-list api-hardening
Created 2020-08-14
268 commits to master branch, last one 2 months ago
inonshk
31-days-of-API-Security-Tips inonshk
332
2.1k
unknown
63
This challenge is Inon Shkedy's 31 days API Security Tips.
infosec pentest security bugbounty bug-bounty api-pentest api-security bugbountytips
Created 2020-02-01
9 commits to master branch, last one 3 years ago
API-Security
APIKit API-Security
170
1.9k
gpl-3.0
22
APIKit:Discovery, Scan and Audit APIs Toolkit All In One.
apisec api-sec api-security burp-extensions
Created 2021-11-24
6 commits to main branch, last one about a year ago
HolyBugx
HolyTips HolyBugx
301
1.8k
gpl-3.0
76
A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.
api web webapp pentest security writeups bugbounty checklist pentesting websecurity api-security bugbountytips bugbounty-writeups
Created 2021-03-21
46 commits to main branch, last one 3 years ago
metlo-labs
metlo metlo-labs
91
1.6k
mit
14
Metlo is an open-source API security platform.
aws metlo infosec pentest security bugbounty monitoring api-gateway api-pentest api-security infosectools cybersecurity bugbounty-tools vulnerabilities application-security vulnerability-detection
Created 2022-07-26
1,207 commits to develop branch, last one about a year ago
wallarm
gotestwaf wallarm
215
1.6k
mit
42
An open-source project in Golang to asess different API Security tools and WAF for detection logic and bypasses
waf owasp security bugbounty api-security grpc-security rest-security security-tools graphql-security security-testing web-application-firewall web-application-security
Created 2020-01-28
518 commits to master branch, last one about a month ago
blst-security
cherrybomb blst-security
82
1.2k
apache-2.0
12
Stop half-done APIs! Cherrybomb is a CLI tool that helps you avoid undefined user behaviour by auditing your API specifications, validating them and running API security tests.
api cli blst http cyber openapi openapi3 security firecracker open-source websecurity api-security web-security cybersecurity best-practices business-logic security-tools web-sec-scanner
Created 2021-11-17
520 commits to main branch, last one 27 days ago
akto-api-security
akto akto-api-security
204
1.1k
mit
17
Proactive, Open source API security → API discovery, Testing in CI/CD, Test Library with 150+ Tests, Add custom tests, Sensitive data exposure
idor security devsecops api-testing api-security owasp-top-10 api-discovery authorization hacktoberfest authentication security-testing threat-detection hacktoberfest2023 devsecops-pipeline api-security-testing sensitive-data-exposure
Created 2023-01-31
4,935 commits to master branch, last one 23 hours ago
openappsec
openappsec openappsec
71
916
apache-2.0
21
open-appsec is a machine learning security engine that preemptively and automatically prevents threats against Web Application & APIs. This repo include the main code and logic.
waf kong nginx owasp appsec devsecops kubernetes api-security owasp-top-ten rate-limiting security-tools threat-prevention nginx-proxy-manager application-security web-application-firewall
Created 2022-10-26
311 commits to main branch, last one 14 days ago
Zeyad-Azima
Offensive-Resources Zeyad-Azima
207
910
unknown
33
A Huge Learning Resources with Labs For Offensive Security Players
api web hack owasp mobile hacking redteam learning red-team security offensive red-teaming api-security owasp-top-10 web-security cybersecurity cloud-security infrastructure mobile-security offensive-security
Created 2021-02-14
104 commits to main branch, last one 2 years ago
dsopas
MindAPI dsopas
160
823
cc0-1.0
23
Organize your API security assessment by using MindAPI. It's free and open for community collaboration.
hacking mindapi mindmap methodology api-security
Created 2021-03-22
244 commits to main branch, last one about a month ago
Safe3
uuWAF Safe3
105
806
other
8
A industry-leading free, high-performance, AI and semantic technology web application and API security protection product - uuWAF. 一款工业级免费、高性能、高扩展,支持AI和语义引擎的Web应用和API安全防护产品-南墙。Web应用防火墙、WAF、WAAP
waf ddos hips rasp waap owasp uuwaf security data-mask http-flood api-gateway modsecurity api-security application-security web-security-gateway web-application-firewall
Created 2022-09-18
400 commits to main branch, last one 3 days ago
wallarm
awesome-nginx-security wallarm
73
740
unknown
38
🔥 A curated list of awesome links related to application security related to the environments with NGINX or Kubernetes Ingres Controller (based on NGINX)
waf naxsi nginx security webserver apigateway kubernetes modsecurity api-security awesome-list mod-security nginx-server awesome-lists load-balancer nginx-security nginx-environment nginx-configuration application-security
Created 2017-09-05
36 commits to master branch, last one 4 years ago
wallarm
api-firewall wallarm
56
586
mpl-2.0
25
Fast and light-weight API proxy firewall for request and response validation by OpenAPI specs.
api waf proxy api-waf openapi swagger firewall security apigateway api-gateway api-wrapper api-firewall api-security openapi-spec rest-security security-tools openapi-security openapi-specification web-application-firewall web-application-security
Created 2021-05-14
224 commits to main branch, last one 8 days ago
openclarity
apiclarity openclarity
63
515
apache-2.0
21
An API security tool to capture and analyze API traffic, test API endpoints, reconstruct Open API specification, and identify API security risks. 
k8s wasm envoy istio openapi swagger kubernetes shadow-api zombie-api api-security microservice openapi-spec service-mesh microservices openapi-specification
Created 2021-09-02
272 commits to master branch, last one 2 months ago
OWASP
OFFAT OWASP
66
456
mit
13
The OWASP OFFAT tool autonomously assesses your API for prevalent vulnerabilities, though full compatibility with OAS v3 is pending. The project remains a work in progress, continuously evolving towar...
offat owasp api-rest api-hacking api-security api-security-testing
Created 2023-09-25
387 commits to dev branch, last one 3 months ago
Mehdi0x90
Web_Hacking Mehdi0x90
54
320
unknown
6
Bug Bounty Tricks and useful payloads and bypasses for Web Application Security.
owasp recon bypass exploit hacking pentest redteam payloads security bugbounty cheatsheet webhacking api-pentest enumeration websecurity api-security vulnerability bug-bounty-hunters penetration-testing web-application-security
Created 2023-08-18
259 commits to main branch, last one 2 days ago
adhocore
php-jwt adhocore
21
295
mit
10
Ultra lightweight, dependency free and standalone JSON web token (JWT) library for PHP5.6 to PHP8.2. This library makes JWT a cheese. It is a minimal JWT integration for PHP.
jwt php php7 php8 oauth2 php-jwt adhocore api-auth jwt-auth api-security json-web-token json-web-signature json-web-token-php jwt-authentication
Created 2017-04-13
120 commits to main branch, last one 10 months ago
mytechnotalent
Go-Hacking mytechnotalent
17
207
apache-2.0
8
A FREE comprehensive online Go hacking tutorial utilizing the x64, ARM64 and ARM32 architectures going step-by-step into the world of reverse engineering Golang from scratch.
go api arm ida hack arm32 arm64 cyber intel golang system hacking ida-pro systems windows distributed api-security api-services cybersecurity reverse-engineering
Created 2022-11-21
45 commits to main branch, last one about a year ago
cerberauth
vulnapi cerberauth
9
83
mit
2
API Security Vulnerability Scanner designed to help you secure your APIs.
jwt dast graphql openapi security api-testing api-security owasp-top-10 authorization cybersecurity hacktoberfest authentication security-tools security-scanner api-security-testing vulnerability-scanners
Created 2023-08-22
399 commits to main branch, last one 3 days ago
abunuwas
fencer abunuwas
13
81
mit
7
Automated API security testing
api jwt oauth2 graphql openapi testing rest-api security api-security owasp-top-10 sql-injection api-security-testing
Created 2023-01-31
57 commits to main branch, last one 3 months ago
approov
shipfast-api-protection approov
10
78
mit
12
Learn practical Mobile and API security techniques: API Key, Static and Dynamic HMAC, Dynamic Certificate Pinning, and Mobile App Attestation.
api apis mobile api-key approov pinning api-keys api-client api-secret api-server mobile-app api-security mobile-security mobile-development certificate-pinning hmac-authentication mobile-app-security api-key-authentication mobile-app-attestation mobile-security-framework
Created 2017-10-25
208 commits to main branch, last one 3 months ago
Escape-Technologies
graphql-security-academy Escape-Technologies
2
52
agpl-3.0
6
🔒 A free, open-source platform dedicated to understand and secure GraphQL applications — all directly in your browser!
graphql learning security community education api-security certification hacktoberfest hacktoberfest2023
Created 2023-02-28
229 commits to main branch, last one 22 days ago
CyberAlbSecOP
Awesome_CyberSec_Bible CyberAlbSecOP
12
48
unknown
1
Cyber-Security Bible! Theory and Tools, Kali Linux, Penetration Testing, Bug Bounty, CTFs, Malware Analysis, Cryptography, Secure Programming, Web App Security, Cloud Security, Devsecops, Ethical Hack...
hacking privacy security devsecops bug-bounty pentesting ai-security os-security api-security cybersecurity cloud-security cyber-security ethical-hacking malware-analysis incident-response social-engineering penetration-testing threat-intelligence web-application-security
Created 2024-01-11
33 commits to main branch, last one about a month ago
OWASP
www-project-api-security OWASP
21
47
unknown
18
OWASP Foundation Web Repository
owasp api-security
Created 2019-09-12
97 commits to master branch, last one 22 days ago
aws-samples
step-up-auth aws-samples
11
32
mit-0
9
How to implement Step-up Authentication using Amazon Cognito
cdk rba node lambda cognito dynamodb typescript api-gateway api-security step-up-auth adaptive-auth application-security step-up-authentication adaptive-authentication rule-based-authentication
Created 2022-03-11
30 commits to main branch, last one 10 days ago
ionutbalosin
java-application-security-practices ionutbalosin
4
25
unknown
4
Application security best practices and code implementations for Java developers. This project is intended for didactic purposes only, supporting my training course.
csp sca cors dast jwks sast api-security password-flow json-web-key-set security-logging security-testing oauth-grant-types token-introspection java-process-security authorization-code-flow client-credentials-flow roles-based-access-control security-design-principles authorization-code-flow-with-pkce
Created 2024-10-09
51 commits to main branch, last one 9 days ago