[addtool] API-fuzzer #1187

piyush-security · 2023-05-13T06:39:45Z

[link]
https://github.com/Fuzzapi/API-fuzzer
[/link]

[tags]
api, fuzzing
[/tags]

[short_descr]
It allows to fuzz request attributes using common pentesting techniques and lists vulnerabilities.
[/short_descr]

[long_descr]
API_Fuzzer gem accepts a API request as input and returns vulnerabilities possible in the API. Following are the main check involved in API_Fuzzer gem

Cross-site scripting vulnerability
SQL injection
Blind SQL injection
XML External entity vulnerability
IDOR (in specific cases)
API Rate Limiting
Open redirect vulnerabilities
Information Disclosure flaws
Info leakage through headers
Cross-site request forgery vulnerability
[/long_descr]

[image]

[/image]

The text was updated successfully, but these errors were encountered:

gwen001 · 2023-05-13T09:51:13Z

Problem occured with the following fields:

image not found

Check the guidelines or use the template created for that purpose.

gwen001 · 2023-05-13T10:39:49Z

Issue correctly handled, tool is waiting for human validation.

gwen001 · 2023-05-13T11:31:35Z

Tool has been accepted by the team: https://offsec.tools/tool/api-fuzzer

Thank you for your contribution!

gwen001 added question Further information is requested and removed question Further information is requested labels May 13, 2023

gwen001 added the enhancement New feature or request label May 13, 2023

gwen001 closed this as completed May 13, 2023

gwen001 added the accepted label Dec 7, 2023

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[addtool] API-fuzzer #1187

[addtool] API-fuzzer #1187

piyush-security commented May 13, 2023

gwen001 commented May 13, 2023

gwen001 commented May 13, 2023

gwen001 commented May 13, 2023

[addtool] API-fuzzer #1187

[addtool] API-fuzzer #1187

Comments

piyush-security commented May 13, 2023

gwen001 commented May 13, 2023

gwen001 commented May 13, 2023

gwen001 commented May 13, 2023