This challenge is Inon Shkedy's 31 days API Security Tips.
-
Updated
Aug 24, 2021
#
api-security
Here are 70 public repositories matching this topic...
A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.
api
checklist
security
web
webapp
pentesting
writeups
bugbounty
pentest
websecurity
api-security
bugbountytips
bugbounty-writeups
-
Updated
Sep 5, 2021
A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the community.
-
Updated
Mar 10, 2022
An open-source project in Golang to test different web application firewalls (WAF) for detection logic and bypasses
security
waf
owasp
bugbounty
web-application-firewall
security-tools
web-application-security
security-testing
graphql-security
api-security
rest-security
grpc-security
-
Updated
Apr 5, 2022 - Go
APIKit:Discovery, Scan and Audit APIs Toolkit All In One.
-
Updated
Nov 24, 2021 - Java
nginx
kubernetes
security
webserver
waf
load-balancer
apigateway
application-security
awesome-list
naxsi
modsecurity
nginx-server
nginx-configuration
mod-security
awesome-lists
nginx-security
api-security
nginx-environment
-
Updated
Sep 25, 2020
A Huge Learning Resources with Labs For Offensive Security Players
api
infrastructure
learning
security
mobile
web
hack
hacking
owasp
cybersecurity
web-security
mobile-security
offensive
offensive-security
red-team
owasp-top-10
cloud-security
redteam
api-security
red-teaming
-
Updated
Feb 5, 2022
Organize your API security assessment by using MindAPI. It's free and open for community collaboration.
-
Updated
Mar 11, 2022
Fast and light-weight API proxy firewall for request and response validation by OpenAPI specs.
api
security
api-gateway
proxy
firewall
swagger
openapi
waf
apigateway
api-wrapper
openapi-spec
openapi-specification
web-application-firewall
security-tools
web-application-security
api-security
rest-security
api-firewall
openapi-security
api-waf
-
Updated
Apr 4, 2022 - Go
Ultra lightweight, dependency free and standalone JSON web token (JWT) library for PHP5.6 to PHP8.0. This library makes JWT a cheese.
php
jwt
oauth2
php7
php-jwt
jwt-authentication
json-web-signature
json-web-token
jwt-auth
hacktoberfest
php8
api-security
json-web-token-php
api-auth
adhocore
hacktoberfest2021
-
Updated
Feb 24, 2022 - PHP
Reconstruct Open API Specifications from real-time workload traffic seamlessly.
kubernetes
microservices
microservice
swagger
wasm
openapi
k8s
openapi-spec
service-mesh
openapi-specification
envoy
istio
api-security
shadow-api
zombie-api
-
Updated
Apr 5, 2022 - Go
some examples that show basic and more advanced implementations of oauth2 authorization mechanism in spring-cloud microservices environment
oauth
jwt
oauth2
spring-boot
spring-cloud
authorization
spring-security
zuul
spring-security-oauth2
api-security
microservices-security
-
Updated
Jan 22, 2020 - Java
Learn practical Mobile and API security techniques: API Key, Static and Dynamic HMAC, Dynamic Certificate Pinning, and Mobile App Attestation.
api
mobile
mobile-app
api-client
api-server
apis
hmac-authentication
pinning
mobile-security
mobile-security-framework
mobile-development
api-key
certificate-pinning
api-security
api-keys
mobile-app-security
approov
api-secret
api-key-authentication
mobile-app-attestation
-
Updated
Mar 26, 2022 - Kotlin
Dockerized ASP.NET Core Web API app in Heroku
api
docker
authentication
dotnet
dotnetcore
swagger
file-upload
container
auth
authorization
webapp
api-security
dotnet5
-
Updated
Mar 11, 2021 - C#
A companion repo for the blog article: https://blog.approov.io/adding-oauth2-to-mobile-android-and-ios-clients-using-the-appauth-sdk
-
Updated
Aug 12, 2019 - Java
AWS API Gateway Security Deep dive
-
Updated
Apr 7, 2021 - Python
nginx
security
security-audit
waf
security-scanner
web-application-firewall
security-automation
security-tools
application-firewall
api-security
envoyproxy
rest-security
api-firewall
openapi-security
-
Updated
Apr 5, 2022 - Shell
Protocol specification and Node library designed to make building APIs that use HMAC signatures simple
-
Updated
May 31, 2021 - TypeScript
Sniper. Passive Secrets Hunting.🚬
api
secrets
information-extraction
secrets-scan
token
secret-keys
api-security
information-disclosure
information-discovery
secrets-detection
-
Updated
Jan 6, 2022 - JavaScript
A companion project for our blog post describing how to secure public APIs client-side.
-
Updated
Oct 11, 2017 - PHP
API Design & Security
api
security
oauth2
spring-boot
mongodb
travis-ci
swagger
mockito
spring-security
api-rest
querydsl
codecov
api-security
-
Updated
Oct 29, 2017 - Java
-
Updated
Nov 11, 2018 - PHP
How to implement Step-up Authentication using Amazon Cognito
lambda
node
typescript
api-gateway
dynamodb
cognito
application-security
rba
cdk
api-security
adaptive-authentication
step-up-authentication
step-up-auth
adaptive-auth
rule-based-authentication
-
Updated
Apr 2, 2022 - TypeScript
This package facilitates the way of API Signing in Django projects.
-
Updated
Oct 21, 2021 - Python
An ongoing collection of awesome software, API libraries, checlists, best guidelines and resources and most important security countermeasures when designing, testing, and releasing your API.
api-documentation
api-client
api-server
api-consumer
api-blueprint
api-design
api-generator
api-documentation-tool
api-authentication
api-call
api-security
api-endpoints
api-automation
secure-api
api-communication
api-authorizarion
api-development-platform
-
Updated
Feb 2, 2022
Javascript GraphQL and REST API Encryption API
-
Updated
Nov 8, 2021 - JavaScript
Secure api by RSA sign and verify functionality
-
Updated
Aug 26, 2019 - JavaScript
Approov integration example quickstarts for the Elixir Phoenix framework with the Absinthe library for GraphQL
api
elixir
elixir-phoenix
api-security
approov
approov-backend
approov-quickstart
approov-bakend-quickstart
-
Updated
Feb 11, 2022 - Elixir
Strengthens OAuth2 authorization by using mobile app attestation
-
Updated
Sep 1, 2021 - Java
Improve this page
Add a description, image, and links to the api-security topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the api-security topic, visit your repo's landing page and select "manage topics."
Is your feature request related to a problem? Please describe.
For users that want to run/use your tool in a CI/CD pipeline as part of a quality check, needing to install the tool locally may not always be an option.
Describe the solution you'd like
I would like to see this tool be made available in an official Docker image like many other CLI-based tools provide (ie. [AquaSec/Trivy](