Akto is an API security platform providing API discovery, security posture assessment, and testing throughout the DevSecOps pipeline.
OWASP Foundation: Open source application security, providing resources, tools, and community for secure software development.
PortSwigger offers web application security tools, testing resources, and training to identify the latest vulnerabilities.
Probely is an automated web application and API vulnerability scanner designed for agile teams to automate security testing in their SDLC.
OWASP ASTF: Automated API security testing framework based on OWASP API Security Top 10, designed for CI/CD integration and detailed reporting.
Learn API testing techniques, including API recon, documentation analysis, endpoint identification, and prevention of common API vulnerabilities.
APIsec University offers free API security training courses to help you find API vulnerabilities and keep your APIs secure.
Altair GraphQL Client is a feature-rich IDE for debugging GraphQL queries and implementations across all platforms, simplifying development workflows.
Arjun is an HTTP parameter discovery suite to find valid web parameters and uncover hidden endpoints.
Dalfox is a powerful open-source XSS scanner and utility focused on automation, designed for detecting and verifying XSS vulnerabilities.
GraphQL Cop is a Python utility for running security tests against GraphQL APIs, ideal for CI/CD checks and vulnerability reproduction.
Assess the security of your GraphQL apps: authorization, access control, complexity limits, introspection, DDoS, and injections.