Akto is an API security platform providing API discovery, security posture assessment, and testing throughout the DevSecOps pipeline.
OWASP ASTF: Automated API security testing framework based on OWASP API Security Top 10, designed for CI/CD integration and detailed reporting.
Learn API testing techniques, including API recon, documentation analysis, endpoint identification, and prevention of common API vulnerabilities.
APIsec University offers free API security training courses to help you find API vulnerabilities and keep your APIs secure.
Altair GraphQL Client is a feature-rich IDE for debugging GraphQL queries and implementations across all platforms, simplifying development workflows.
Arjun is an HTTP parameter discovery suite to find valid web parameters and uncover hidden endpoints.
Dalfox is a powerful open-source XSS scanner and utility focused on automation, designed for detecting and verifying XSS vulnerabilities.
AI-native SAST tool for code security, detecting vulnerabilities, secrets, IaC issues, and AI model security with actionable AI fixes.
GraphQL Cop is a Python utility for running security tests against GraphQL APIs, ideal for CI/CD checks and vulnerability reproduction.
Assess the security of your GraphQL apps: authorization, access control, complexity limits, introspection, DDOS, and injections.
GraphQL Voyager: Visualize any GraphQL API as an interactive graph, aiding in understanding and exploration of its schema and relationships.
GraphQLmap is a scripting engine for GraphQL endpoint pentesting, automating queries and fuzzing for vulnerabilities.
