#api

Covenant on offsec.tools
Featured
Covenant

Collaborative C2 framework for red teamers.

karma v2 on offsec.tools
karma v2

Passive open source intelligence automated reconnaissance.

shosubgo on offsec.tools
shosubgo

Small tool to grab subdomains using Shodan API.

CypherDog on offsec.tools
CypherDog

PowerShell Cmdlets to interact with BloodHound Data via Neo4j HTTP API.

c{api}tal on offsec.tools
c{api}tal

A built-to-be-vulnerable API application based on the OWASP top 10 API vulnerabilities.

API fuzzer on offsec.tools
API fuzzer

Fuzz request attributes using common pentesting techniques and lists vulnerabilities.

kiterunner on offsec.tools
kiterunner

Contextual content discovery tool.

RESTler on offsec.tools
RESTler

A stateful fuzzing tool for automatically testing cloud services through their REST APIs.

haktrails on offsec.tools
haktrails

Golang client for querying SecurityTrails API data.

swagroutes on offsec.tools
swagroutes

Extract and list API routes from Swagger files in YAML/JSON format.

Nmap-API on offsec.tools
Nmap-API

Create a Nmap API that can do scans with a good speed online and is easy to deploy.

keyhacks.sh on offsec.tools
keyhacks.sh

Automation of tokens/api keys testing.

ScareCrow on offsec.tools
ScareCrow

Payload creation framework designed around EDR bypass.

Dumpert on offsec.tools
Dumpert

LSASS memory dumper using direct system calls and API unhooking.

Vampi on offsec.tools
Vampi

Vulnerable REST API with OWASP top 10 vulnerabilities for security testing.

Graphicator on offsec.tools
Graphicator

Enumerate and extract GraphQL APIs.

Gorsair on offsec.tools
Gorsair

Gives root access on remote docker containers that expose their APIs.

OpenAPI on offsec.tools
OpenAPI

Parse OpenAPI specifications into the BurpSuite for automating RESTful API testing.

Burp Extender API on offsec.tools
Burp Extender API

Burp Extender API.

SQLi-Hunter on offsec.tools
SQLi-Hunter

Simple HTTP(S) proxy server and a SQLMAP API wrapper that makes digging SQLi easy.

Race The Web on offsec.tools
Race The Web

Tests for race conditions in web applications.

Fuzzapi on offsec.tools
Fuzzapi

Used for REST API pentesting and provide UI solution for gem.