Category

API Security Testing Framework

OWASP ASTF: Automated API security testing framework based on OWASP API Security Top 10, designed for CI/CD integration and detailed reporting.

API Security

API testing

Learn API testing techniques, including API recon, documentation analysis, endpoint identification, and prevention of common API vulnerabilities.

API Training

API SecurityTrainingCertifications

APIsec University

Training API Certifications

APIsec University offers free API security training courses to help you find API vulnerabilities and keep your APIs secure.

Cloud SecurityApplication SecurityAPI SecurityVulnerability IntelligenceReportingAI Security

Aikido

Aikido is a security platform for code and cloud, designed to automatically find and fix vulnerabilities in one central system.

Cloud API AI Report Web+5

API Security

Altair GraphQL Client

Altair GraphQL Client is a feature-rich IDE for debugging GraphQL queries and implementations across all platforms, simplifying development workflows.

API SecurityReconnaissanceApplication Security

Arjun

Arjun is an HTTP parameter discovery suite to find valid web parameters and uncover hidden endpoints.

API Web

API SecurityApplication Security

BurpAPISecuritySuite

Burp Suite extension for API security testing with intelligent fuzzing, AI integration, and automated reconnaissance.

Application SecurityAPI Security

Dalfox

Web Bug Bounty Static Analysis API

Dalfox is a powerful open-source XSS scanner and utility focused on automation, designed for detecting and verifying XSS vulnerabilities.

AI SecurityApplication SecurityAPI SecurityCloud SecurityVulnerability Intelligence

EnforsterAI

AI-native SAST tool for code security, detecting vulnerabilities, secrets, IaC issues, and AI model security with actionable AI fixes.

AI Static Analysis API Cloud Web+1

API Security

GraphQL Cop

GraphQL Cop is a Python utility for running security tests against GraphQL APIs, ideal for CI/CD checks and vulnerability reproduction.

API Security

GraphQL Security

Assess the security of your GraphQL apps: authorization, access control, complexity limits, introspection, DDOS, and injections.