api-security
Here are 655 public repositories matching this topic...
Automatic SQL injection and database takeover tool
-
Updated
Jun 18, 2026 - Python
Complete Practical Study Plan to become a successful cybersecurity engineer based on roles like Pentest, AppSec, Cloud Security, DevSecOps and so on...
-
Updated
Apr 23, 2026
A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the community.
-
Updated
May 1, 2026
APIKit:Discovery, Scan and Audit APIs Toolkit All In One.
-
Updated
Apr 2, 2024 - Java
This challenge is Inon Shkedy's 31 days API Security Tips.
-
Updated
Apr 20, 2022
A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.
-
Updated
Sep 5, 2021
An open-source project in Golang to asess different API Security tools and WAF for detection logic and bypasses
-
Updated
Jul 31, 2025 - Go
Metlo is an open-source API security platform.
-
Updated
Jul 25, 2025 - TypeScript
Industry-leading free, high-performance, AI and semantic technology Web Application Firewall and API Security Gateway (WAAP) - UUSEC WAF.
-
Updated
Jun 15, 2026 - Shell
open-appsec is a machine learning security engine that preemptively and automatically prevents threats against Web Application & APIs. This repo include the main code and logic.
-
Updated
May 26, 2026 - C++
Proactive, Open source API security → API discovery, API Security Posture, Testing in CI/CD, Test Library with 1000+ Tests, Add custom tests, Sensitive data exposure
-
Updated
Jun 18, 2026 - Java
Hunt every Endpoint in your code, expose Shadow APIs, map the Attack Surface.
-
Updated
Jun 18, 2026 - Crystal
Stop half-done APIs! Cherrybomb is a CLI tool that helps you avoid undefined user behaviour by auditing your API specifications, validating them and running API security tests.
-
Updated
Oct 25, 2024 - Rust
A Huge Learning Resources with Labs For Offensive Security Players
-
Updated
Dec 9, 2025
Organize your API security assessment by using MindAPI. It's free and open for community collaboration.
-
Updated
May 27, 2026
Bug Bounty Tricks and useful payloads and bypasses for Web Application Security.
-
Updated
Jun 11, 2026
🔥 A curated list of awesome links related to application security related to the environments with NGINX or Kubernetes Ingres Controller (based on NGINX)
-
Updated
Oct 24, 2023
Passive API key and secret discovery browser extension for Chrome and Firefox. 80+ detection patterns, zero config.
-
Updated
Jun 10, 2026 - JavaScript
The OWASP OFFAT tool autonomously assesses your API for prevalent vulnerabilities, though full compatibility with OAS v3 is pending. The project remains a work in progress, continuously evolving towards completion.
-
Updated
Apr 6, 2026 - Python
Fast and light-weight API proxy firewall for request and response validation by OpenAPI specs.
-
Updated
Apr 3, 2026 - Go
Improve this page
Add a description, image, and links to the api-security topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the api-security topic, visit your repo's landing page and select "manage topics."