# awesome-apisec (https://github.com/arainho/awesome-apisec) **A collection of awesome API Security tools and resources.** ## Awesome Repositories Repository | Description ---- | ---- [awesome-security-apis](https://github.com/jaegeral/security-apis)| A collective list of public JSON APIs for use in security. Contributions welcome ## Tools Repository | Description ---- | ---- [Arjun](https://github.com/s0md3v/Arjun) | HTTP parameter discovery suite [fuzzapi](https://github.com/Fuzzapi/fuzzapi)| Fuzzapi is a tool used for REST API pentesting and uses API_Fuzzer gem ## Cheatsheets Website | Description ---- | ---- [owasp-api-security-top-10](https://apisecurity.io/encyclopedia/content/owasp-api-security-top-10-cheat-sheet-a4.pdf) | OWASP API Security Top 10 ## Wiki's / Encyclopedias Repository | Description ---- | ---- [API Security Encyclopedia](https://apisecurity.io/encyclopedia/content/api-security-encyclopedia.htm) | APIsecurity.io - API Security Encyclopedia ## Checklist Repository | Description ---- | ---- [API-Security-Checklist]([https://github.com/shieldfy/API-Security-Checklist) | Checklist of the most important security countermeasures when designing, testing, and releasing your API ## Presentations Repository | Description ---- | ---- [pentesting-rest-apis](https://www.slideshare.net/OWASPdelhi/pentesting-rest-apis-by-gaurang-bhatnagar) | Pentesting Rest API's by :- Gaurang Bhatnagar [Securing your APIs](https://owasp.org/www-chapter-singapore/assets/presos/Securing_your_APIs_-_OWASP_API_Top_10_2019,_Real-life_Case.pdf) | “How Secure are you APIs?” - Securing your APIs: OWASP API Top 10 2019, Case Study and Demo ## Other useful repositories Repository | Description ---- | ---- [Awesome REST](https://github.com/marmelab/awesome-rest) | A collaborative list of great resources about RESTful API architecture, development, test, and performance. Feel free to contribute to this on-going list. [How to design a REST API ](https://blog.octo.com/en/design-a-rest-api) | How to design a REST API? - Full guide tackling security, pagination, filtering, versioning, partial answers, CORS, etc.