Category

Akto is an API security platform providing API discovery, security posture assessment, and testing throughout the DevSecOps pipeline.

OWASP ASTF: Automated API security testing framework based on OWASP API Security Top 10, designed for CI/CD integration and detailed reporting.

Learn API testing techniques, including API recon, documentation analysis, endpoint identification, and prevention of common API vulnerabilities.

APIsec University offers free API security training courses to help you find API vulnerabilities and keep your APIs secure.

Aikido is a security platform for code and cloud, designed to automatically find and fix vulnerabilities in one central system.

Altair GraphQL Client is a feature-rich IDE for debugging GraphQL queries and implementations across all platforms, simplifying development workflows.

Arjun is an HTTP parameter discovery suite to find valid web parameters and uncover hidden endpoints.

Burp Suite extension for API security testing with intelligent fuzzing, AI integration, and automated reconnaissance.

Dalfox is a powerful open-source XSS scanner and utility focused on automation, designed for detecting and verifying XSS vulnerabilities.

AI-native SAST tool for code security, detecting vulnerabilities, secrets, IaC issues, and AI model security with actionable AI fixes.

GraphQL Cop is a Python utility for running security tests against GraphQL APIs, ideal for CI/CD checks and vulnerability reproduction.

Assess the security of your GraphQL apps: authorization, access control, complexity limits, introspection, DDOS, and injections.