GraphQL Voyager: Visualize any GraphQL API as an interactive graph, aiding in understanding and exploration of its schema and relationships.
InQL is a Burp Suite extension for advanced GraphQL testing, offering vulnerability detection and customizable scans.
Interactsh is a tool and service for capturing and handling out-of-band interactions during security testing.
JWT Debugger is a web application to create, encode, decode, and debug JWT (JSON Web Tokens).
Kiterunner is a contextual content discovery tool for modern web applications and APIs, excelling in route/endpoint bruteforcing.
A comprehensive collection of payloads and bypasses for web application security testing and exploitation.
Postman: The leading API platform for building and using APIs. Streamline collaboration and simplify the API lifecycle.
Prism is an open-source HTTP mock and proxy server that accelerates API development with realistic mock servers powered by OpenAPI documents.
RESTler is a stateful REST API fuzzing tool for automatically testing cloud services and finding security and reliability bugs.
Shodan is a search engine for Internet-connected devices, enabling users to discover and monitor exposed services and gain Internet intelligence.
Tenable's exposure management platform helps organizations find, prioritize, and fix cyber risks across IT, cloud, OT, and identity environments.
WuppieFuzz is a coverage-guided REST API fuzzer built on LibAFL. It is easy to use and modular, reports explainable flaws, and supports black-, grey- and white-box testing.