API Security Testing Framework

OWASP API Security Testing Framework

A comprehensive automated testing framework for detecting API security vulnerabilities based on the OWASP API Security Top 10. The OWASP API Security Testing Framework (ASTF) helps security professionals and developers identify vulnerabilities in their APIs through automated testing. Built with enterprise needs in mind, it provides detailed security analysis and integrates with modern CI/CD pipelines.

Features

• Automated detection of API-specific vulnerabilities
• Comprehensive test coverage of OWASP API Security Top 10
• Support for REST, GraphQL, and gRPC APIs
• CI/CD integration capabilities
• Detailed vulnerability reporting
• Custom rule creation
• Remediation guidance

Basic Usage

# Run a basic scan
java -jar target/api-security-testing-framework-1.0-SNAPSHOT.jar scan \
  --target https://api.example.com \
  --auth-header "Authorization: Bearer YOUR_TOKEN"