API fuzzer
Fuzzes request attributes using common pentesting techniques and lists the vulnerabilities found.
The API_Fuzzer gem accepts an API request as input and returns the vulnerabilities possible in the API. The main checks in the API_Fuzzer gem are:
- Cross-site scripting vulnerability
- SQL injection
- Blind SQL injection
- XML external entity vulnerability
- IDOR (in specific cases)
- API Rate Limiting
- Open redirect vulnerabilities
- Information Disclosure flaws
- Info leakage through headers
- Cross-site request forgery vulnerability