APISCAN is a Swagger-driven API security tool for security specialists and auditors, focused on OWASP API Top 10 coverage and evidence-based reporting.
Updated Apr 28, 2026 - Python
A novel LLM-driven Fuzzer for unsafe API consumption testing
Practical walkthrough of OWASP API Top 10 vulnerabilities with real exploitation steps and effective security fixes.
API security lab demonstrating vulnerability scanning using Qualys, Aikido, and Wallarm with real-world findings and remediation strategies
Secured a vulnerable Spring Boot REST API by fixing OWASP API Security Top 10 (2023) issues, implementing JWT authentication, role-based access control, input validation, DTOs, and rate limiting.
Notes, labs, cheatsheets, and certificate for the API Penetration Testing (ApiSec University) course. Focuses on OWASP API Top 10, attack techniques, and secure API design.
API security testing engine for detecting OWASP API vulnerabilities and business logic flaws.
OWASP API Top 10 assessment — BOLA, broken auth, JWT algorithm confusion, mass assignment exploitation