awesome-api-security/README.md

48 lines
2.7 KiB
Markdown
Raw Normal View History

2020-08-14 13:39:47 -04:00
# [awesome-apisec](https://github.com/arainho/awesome-apisec)
2020-08-14 13:18:44 -04:00
**A collection of awesome API Security tools and resources.**
2020-08-14 13:25:03 -04:00
## Awesome Repositories
Repository | Description
---- | ----
2020-08-14 13:35:55 -04:00
[awesome-security-apis](https://github.com/jaegeral/security-apis)| A collective list of public JSON APIs for use in security
2020-08-14 13:18:44 -04:00
2020-08-14 13:32:38 -04:00
2020-08-14 13:18:44 -04:00
## Tools
Repository | Description
---- | ----
2020-08-14 13:32:38 -04:00
[Arjun](https://github.com/s0md3v/Arjun) | HTTP parameter discovery suite
2020-08-14 13:18:44 -04:00
[fuzzapi](https://github.com/Fuzzapi/fuzzapi)| Fuzzapi is a tool used for REST API pentesting and uses API_Fuzzer gem
## Cheatsheets
Website | Description
---- | ----
[owasp-api-security-top-10](https://apisecurity.io/encyclopedia/content/owasp-api-security-top-10-cheat-sheet-a4.pdf) | OWASP API Security Top 10
## Wiki's / Encyclopedias
Repository | Description
---- | ----
[API Security Encyclopedia](https://apisecurity.io/encyclopedia/content/api-security-encyclopedia.htm) | APIsecurity.io - API Security Encyclopedia
2020-08-14 13:28:53 -04:00
## Checklist
Repository | Description
---- | ----
2020-08-14 13:36:22 -04:00
[API-Security-Checklist](https://github.com/shieldfy/API-Security-Checklist) | Checklist of the most important security countermeasures when designing, testing, and releasing your API
2020-08-14 13:18:44 -04:00
2020-08-16 16:59:16 -04:00
## Presentations / Videos
2020-08-14 13:32:38 -04:00
Repository | Description
---- | ----
[pentesting-rest-apis](https://www.slideshare.net/OWASPdelhi/pentesting-rest-apis-by-gaurang-bhatnagar) | Pentesting Rest API's by :- Gaurang Bhatnagar
2020-08-14 13:33:51 -04:00
[Securing your APIs](https://owasp.org/www-chapter-singapore/assets/presos/Securing_your_APIs_-_OWASP_API_Top_10_2019,_Real-life_Case.pdf) | “How Secure are you APIs?” - Securing your APIs: OWASP API Top 10 2019, Case Study and Demo
2020-08-16 16:59:16 -04:00
[api-security-testing-for-hackers](https://www.bugcrowd.com/resources/webinars/api-security-testing-for-hackers) | API Security Testing For Hackers
[bad-api-hapi-hackers](https://www.bugcrowd.com/resources/webinars/bad-api-hapi-hackers)| Bad API, hAPI Hackers!
2020-08-14 13:32:38 -04:00
2020-08-14 13:18:44 -04:00
## Other useful repositories
Repository | Description
---- | ----
2020-08-14 13:25:03 -04:00
[Awesome REST](https://github.com/marmelab/awesome-rest) | A collaborative list of great resources about RESTful API architecture, development, test, and performance. Feel free to contribute to this on-going list.
2020-08-14 13:27:46 -04:00
[How to design a REST API ](https://blog.octo.com/en/design-a-rest-api) | How to design a REST API? - Full guide tackling security, pagination, filtering, versioning, partial answers, CORS, etc.
[API Penetration Testing](https://blog.securelayer7.net/api-penetration-testing-with-owasp-2017-test-cases) | API Penetration Testing with OWASP 2017 Test Cases
2020-08-14 13:39:01 -04:00
[api-security-testing-how-to-hack](https://smartbear.com/blog/test-and-monitor/api-security-testing-how-to-hack-an-api-part-1/)| API Security Testing How to Hack an API and Get Away with It (Part 1 of 3)