Api Security

x8 is a hidden parameters discovery suite that automatically identifies undocumented parameters in web applications and APIs for security testing purposes.

A Python library that provides an interface to query ThreatCrowd's API for threat intelligence data including email, IP, domain, and antivirus reports with built-in caching capabilities.

An unofficial Python API that enables programmatic searching, browsing, and downloading of Android apps from Google Play Store.

Hackazon is a vulnerable web application storefront designed for security professionals to practice testing modern web technologies and identifying common vulnerabilities.

An open-source dynamic analysis framework that intercepts and monitors API calls in Android applications using the Android Substrate framework.

A source code search engine for searching alphanumeric snippets, signatures, or keywords in web page HTML, JS, and CSS code.

AppMon is a Frida-based automated framework for monitoring and tampering with system API calls across macOS, iOS, and Android applications.

A collection of CLI tools and API utilities for searching and filtering GitHub repositories by various criteria including keywords, users, organizations, and repository attributes.

PyIntelOwl is a Python SDK and CLI client for interacting with IntelOwl's threat intelligence API to submit files and observables for automated security analysis.

A Python tool that analyzes AWS CloudTrail data to summarize IAM principal activities, API calls, regions, IP addresses, and user agents with configurable timeframes and visualization options.

A Windows Registry hive extraction library that provides C API access for reading and writing registry binary files with XML export capabilities.

PowerGRR is a PowerShell API client library that automates GRR (Google Rapid Response) operations for digital forensics and incident response across multiple operating systems.

AWS Web Application Firewalls (WAFs) are cloud-based security services that protect web applications and APIs from internet-based attacks through customizable filtering rules and centralized management capabilities.

n6 is a network security incident exchange system that collects, manages, and distributes threat and incident data through REST API and web interfaces for authorized users.

Introspy-Android is a dynamic analysis framework that hooks Android APIs at runtime to monitor application behavior and identify security vulnerabilities on rooted devices.

Tool to identify and understand code-injection vulnerabilities in Windows 7 UAC whitelist system.

Themis is an open-source cryptographic services library that provides high-level encryption and data protection capabilities for securing data during authentication, storage, messaging, and network exchange.

SOARCA is an open-source SOAR platform that automates security incident response workflows using standardized CACAOv2 playbooks and multiple integration interfaces.

Aptoide is an alternative Android application marketplace that enables APK downloads and metadata retrieval for mobile security research and analysis.

A Windows-based workflow automation and case management application that integrates with CrowdStrike Falcon APIs to streamline security operations and incident response processes.

Kiterunner is a tool for lightning-fast traditional content discovery and bruteforcing API endpoints in modern applications.

An endpoint monitoring tool for Linux and macOS that reports file, socket, and process events to Zeek.

HAWK is a multi-cloud antivirus scanning API that uses CLAMAV and YARA engines to detect malware in AWS S3, Azure Blob Storage, and GCP Cloud Storage objects.

A cloud-native, event-driven data pipeline toolkit for security teams that processes and routes data across AWS services with custom formatting and API enrichment capabilities.