cherrybomb
API auditor
A tool that audits and tests API specifications to prevent security errors and ensure APIs function as intended.
Stop half-done APIs! Cherrybomb is a CLI tool that helps you avoid undefined user behaviour by auditing your API specifications, validating them and running API security tests.
1k stars
12 watching
81 forks
Language: Rust
last commit: 27 days ago
Linked from 2 awesome lists
api, api-security, best-practices, blst, business-logic, cli, cyber, cybersecurity, firecracker, http, open-source, openapi, openapi3, security, security-tools, web-sec-scanner, web-security, websecurity
Related projects:
Repository | Description | Stars |
---|---|---|
peachtech/peachapisec-burp | A plugin that integrates automated security testing with Burp and Peach API Security. | 2 |
azure/counterfit | An automation tool that assesses the security of machine learning systems by bringing together various adversarial frameworks under one platform. | 806 |
gitguardian/apisecuritybestpractices | Resources to help developers keep sensitive information secret and mitigate potential security breaches | 1,917 |
gosecure/csp-auditor | Analyzes and configures website security policies to prevent malicious scripts from running on user devices. | 136 |
zalando/zally | A tool that helps ensure APIs are well-designed and follow best practices by analyzing their specifications against established guidelines. | 906 |
trapexit/scorch | A tool to catalog files and their hashes to help in discovering file corruption, missing files, duplicates, etc. | 196 |
chrisbjr/api-guard | A package for authenticating RESTful APIs with API keys in Laravel | 692 |
riverloopsec/killerbee | A toolkit for testing and auditing low-power wireless networks | 764 |
zimmski/go-mutesting | A tool to detect untested parts of source code by introducing small changes and testing the resulting behavior. | 643 |
cisagov/cset | An automated tool for evaluating and improving cybersecurity posture by analyzing vulnerabilities in industrial control systems and information technology architecture. | 1,456 |
d35ha/callobfuscator | Tools for modifying Windows API imports to evade analysis and detection by static/dynamic analysis tools. | 981 |
debasishm89/burpy | A tool that analyzes web application security by parsing Burp Suite logs and generating reports. | 119 |
portswigger/html5-auditor | An HTML validation and security testing tool for identifying vulnerabilities in web applications | 4 |
bearer/bearer | A tool for discovering and prioritizing security risks in software code | 2,040 |
cgboal/sonarsearch | An API for querying and searching the Project Sonar dataset using Go. | 642 |