reddit hackernews mail facebook facebook linkedin
API fuzzer

API fuzzer

Fuzz request attributes using common pentesting techniques and lists vulnerabilities.
#api   #fuzzing  

API_Fuzzer gem accepts a API request as input and returns vulnerabilities possible in the API. Following are the main check involved in API_Fuzzer gem:
- Cross-site scripting vulnerability
- SQL injection
- Blind SQL injection
- XML External entity vulnerability
- IDOR (in specific cases)
- API Rate Limiting
- Open redirect vulnerabilities
- Information Disclosure flaws
- Info leakage through headers
- Cross-site request forgery vulnerability