API-Security-Checklist
API Security Guide
A comprehensive security checklist for designing and releasing APIs
Checklist of the most important security countermeasures when designing, testing, and releasing your API
22k stars
544 watching
3k forks
last commit: 6 days ago
Linked from 8 awesome lists
apijwtoauth2security
hack-with-github/awesome-hacking
kristories/awesome-guidelines
yosriady/awesome-api-devtools
marmelab/awesome-rest
stn1slv/awesome-integration
spacial/awesome-systools
gitcommitshow/awesome-authentication
netanmangal/awesome-hackingRelated projects:
| Repository | Description | Stars |
|---|---|---|
 gokul595/api_guard | Provides JWT-based authentication with token refreshing and blacklisting for Rails APIs | 276 |
 fallibleinc/security-guide-for-developers | A comprehensive security guide for developers to help create more secure systems | 20,923 |
 hakky54/mutual-tls-ssl | A tutorial project demonstrating a secure API setup with TLS/SSL authentication for Java-based web servers and clients. | 571 |
 gitguardian/apisecuritybestpractices | Resources to help developers keep sensitive information secret and mitigate potential security breaches | 1,917 |
 chrisbjr/api-guard | A package for authenticating RESTful APIs with API keys in Laravel | 692 |
 github/secure_headers | Automates the application of security headers to protect web applications from various threats and vulnerabilities. | 3,164 |
 dwyl/learn-json-web-tokens | This project teaches how to use JSON Web Tokens for authentication in web and mobile applications. | 4,181 |
 apiaryio/dredd | Tool for validating API implementations against their own documentation | 4,194 |
 auth0/jwt-decode | A library to decode and parse JSON web tokens | 3,214 |
 mrtolkien/fastapi_simple_security | Security package for FastAPI API key authentication with simple setup and administrator endpoints. | 329 |
 firebase/firebaseui-web | A JavaScript library providing simple, customizable UI bindings on top of Firebase SDKs for authentication and sign-in management. | 4,606 |
 blst-security/cherrybomb | A tool that audits and tests API specifications to prevent security errors and ensures APIs function as intended. | 1,150 |
 flipkart-incubator/astra | Automated testing framework for detecting vulnerabilities in REST APIs | 2,512 |
 enablesecurity/wafw00f | A tool to identify and fingerprint Web Application Firewalls. | 5,296 |
 tymondesigns/jwt-auth | Provides authentication functionality using JSON Web Tokens (JWT) for Laravel and Lumen applications. | 11,312 |