Learnings After 400 API Security Testing
DEV Community dev.to
We recently launched EthicalCheck, a free and instant API security testing DAST (Dynamic Application Security Testing) web tool on GitHub.
Here is the GitHub URL for the tool:
https://apisec-inc.github.io/pentest/
What kind of vulnerabilities does EthicalCheck find?
Most automated scanners would find vulnerabilities like SQL Injections, NoSQL Injections, XSS, etc.
EthicalCheck performs different checks, including OAuth 2.0, JWT, BasicAuth, OWASP API #2, and broken authentication defects in web, mobile, and public-facing APIs.
How does EthicalCheck work?
It requires two inputs:
API (OpenAPI …