Showing 51 open source projects for "rest api testing"

View related business solutions
  • Our Free Plans just got better! | Auth0 Icon
    Our Free Plans just got better! | Auth0

    With up to 25k MAUs and unlimited Okta connections, our Free Plan lets you focus on what you do best—building great apps.

    You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
    Try free now
  • $300 Free Credits to Build on Google Cloud Icon
    $300 Free Credits to Build on Google Cloud

    New to Google Cloud? Get $300 in credits to explore Compute Engine, BigQuery, Cloud Run, Gemini Enterprise Agent Platform, and more.

    Start your next project with $300 in free Google Cloud credit. Spin up VMs, run containers, query petabytes in BigQuery, or build agents with Gemini Enterprise Agent Platform. Once your credits are used, keep building with 20+ always-free tier products including Compute Engine, Cloud Storage, GKE, and Cloud Run functions. No commitment required—just sign up and start building.
    Claim $300 Free
  • 1
    Open Source API Firewall by Wallarm

    Open Source API Firewall by Wallarm

    Fast and light-weight API proxy firewall for request and response

    API Firewall is a high-performance proxy with API request and response validation based on OpenAPI/Swagger schema. It is designed to protect REST API endpoints in cloud-native environments. API Firewall provides API hardening with the use of a positive security model allowing calls that match a predefined API specification for requests and responses, while rejecting everything else.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 2
    Ray Tracing in One Weekend Book Series

    Ray Tracing in One Weekend Book Series

    The Ray Tracing in One Weekend series of books

    The Ray Tracing in One Weekend series of books are now available to the public for free online. They are now released under the CC0 license. This means that they are as close to public domain as we can get. (While that also frees you from the requirement of providing attribution, it would help the overall project if you could point back to this web site as a service to other users.) These books are formatted for printing directly from your browser, where you can also (on most browsers) save...
    Downloads: 5 This Week
    Last Update:
    See Project
  • 3
    Hoverfly

    Hoverfly

    Lightweight service virtualization/ API simulation / API mocking tool

    Hoverfly is a lightweight, open source API simulation tool. Using Hoverfly, you can create realistic simulations of the APIs your application depends on. Replace unreliable test systems and restrictive API sandboxes with high-performance simulations in seconds. Run on MacOS, Windows or Linux, or use native Java or Python language bindings to get started quickly. Simulate API latency or failure when required by writing custom scripts in the language of your choice.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 4
    Amplication

    Amplication

    Amplication is an open‑source development tool

    ...Continuously push the generated application to your GitHub repository. Get a Docker container with your database, a Node.js application, and a React client. Generated apps include NestJS, Prisma, REST & GraphQL API, a React admin UI, logging, authentication, and authorization. Safely customize your generated app Node.js code using your favorite IDE. Decide whether to download the app within a Docker container that’s ready for deployment or to deploy to the Amplication cloud. At any point you’re free to download the source code and continue development elsewhere. ...
    Downloads: 1 This Week
    Last Update:
    See Project
  • Cut Data Warehouse Costs by 54% Icon
    Cut Data Warehouse Costs by 54%

    Easily migrate from Snowflake, Redshift, or Databricks with free tools.

    BigQuery delivers 54% lower TCO with exabyte scale and flexible pricing. Free migration tools handle the SQL translation automatically.
    Try Free
  • 5
    Themis

    Themis

    Easy to use cryptographic framework for data protection

    Cross-platform high-level cryptographic library. Themis helps to build simple and complex cryptographic features easily, quickly, and securely. It’s a perfect fit for multi-platform apps. Themis hides cryptographic details and eliminates popular mistakes. Themis provides ready-made building blocks (“cryptosystems”) for secure data storage, message exchange, socket connections, and authentication. Secure Cell is a multi-mode cryptographic container suitable for storing anything from encrypted...
    Downloads: 1 This Week
    Last Update:
    See Project
  • 6

    Impacket

    A collection of Python classes for working with network protocols

    Impacket is a collection of Python classes designed for working with network protocols. It was primarily created in the hopes of alleviating some of the hindrances associated with the implementation of networking protocols and stacks, and aims to speed up research and educational activities. It provides low-level programmatic access to packets, and the protocol implementation itself for some of the protocols, like SMB1-3 and MSRPC. It features several protocols, including Ethernet, IP, TCP,...
    Downloads: 1 This Week
    Last Update:
    See Project
  • 7
    spring-security-jwt-guide

    spring-security-jwt-guide

    Spring Security With JWT

    ...It is built on Spring Boot 3.x and Java 21, and includes integrations such as Spring Security 6.x, JPA (via Hibernate) for persistence, and Redis for session/token management. The goal is to show how to migrate from stateful, session-based auth toward stateless, modern REST API authentication using JWTs, roles, and permission checks. The code covers typical flows like user registration, login, logout, refreshing or invalidating tokens, and endpoint authorization with annotations like @PreAuthorize. It’s cleaner and more up-to-date than many older tutorials, reflecting current Spring and Java versions and allowing direct experimentation by developers.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 8
    mitmproxy

    mitmproxy

    A free and open source interactive HTTPS proxy

    mitmproxy is an open source, interactive SSL/TLS-capable intercepting HTTP proxy, with a console interface fit for HTTP/1, HTTP/2, and WebSockets. It's the ideal tool for penetration testers and software developers, able to debug, test, and make privacy measurements. It can intercept, inspect, modify and replay web traffic, and can even prettify and decode a variety of message types. Its web-based interface mitmweb gives you a similar experience as Chrome's DevTools, with the addition of...
    Downloads: 13 This Week
    Last Update:
    See Project
  • 9
    EMAGNET

    EMAGNET

    Automated hacking tool to find leaked databases with 97.1% accuracy

    Automated hacking tool that will find leaked databases with 97.1% accurate to grab mail + password. Before using Emagnet, please remember that with great power comes great responsibility. Pastebin patched the vulnerability I previously used in order to get recent uploads, so at the moment it is not possible to get recently uploaded files, you are now limited to all syntaxes exempt the default one (95% get's uploaded as 'text' and this is removed from all recent upload lists). Bruteforce...
    Downloads: 12 This Week
    Last Update:
    See Project
  • Custom VMs From 1 to 96 vCPUs With 99.95% Uptime Icon
    Custom VMs From 1 to 96 vCPUs With 99.95% Uptime

    General-purpose, compute-optimized, or GPU/TPU-accelerated. Built to your exact specs.

    Live migration and automatic failover keep workloads online through maintenance. One free e2-micro VM every month.
    Try Free
  • 10
    proxy.py

    proxy.py

    Utilize all available CPU cores for accepting new client connections

    proxy.py is made with performance in mind. By default, proxy.py will try to utilize all available CPU cores to it for accepting new client connections. This is achieved by starting AcceptorPool which listens on configured server port. Then, AcceptorPool starts Acceptor processes (--num-acceptors) to accept incoming client connections. Alongside, if --threadless is enabled, ThreadlessPool is setup which starts Threadless processes (--num-workers) to handle the incoming client connections....
    Downloads: 2 This Week
    Last Update:
    See Project
  • 11
    subfinder

    subfinder

    Fast passive subdomain enumeration tool

    ...It focuses exclusively on collecting valid subdomains from a wide range of passive online sources, prioritizing accuracy and speed over intrusive scanning techniques. The project is widely used in bug bounty hunting, penetration testing, and attack surface mapping because it minimizes noise while producing actionable results. Its modular architecture allows users to enable dozens of data providers through API keys, expanding coverage as needed. Subfinder integrates easily into automation pipelines and CI workflows thanks to its clean command-line design and structured output formats. ...
    Downloads: 25 This Week
    Last Update:
    See Project
  • 12
    frida

    frida

    Dynamic instrumentation toolkit for developers

    ...Works on Windows, macOS, GNU/Linux, iOS, Android, and QNX. Install the Node.js bindings from npm, grab a Python package from PyPI, or use Frida through its Swift bindings, .NET bindings, Qt/Qml bindings, or C API. Frida is and will always be free software (free as in freedom). We want to empower the next generation of developer tools, and help other free software developers achieve interoperability through reverse engineering. We are proud that NowSecure is using Frida to do fast, deep analysis of mobile apps at scale. Frida has a comprehensive test-suite and has gone through years of rigorous testing across a broad range of use-cases.
    Downloads: 200 This Week
    Last Update:
    See Project
  • 13
    node-rate-limiter-flexible

    node-rate-limiter-flexible

    Count and limit requests by key with atomic increments

    rate-limiter-flexible counts and limits number of actions by key and protects from DDoS and brute force attacks at any scale. It works with Redis, process Memory, Cluster or PM2, Memcached, MongoDB, MySQL, PostgreSQL and allows to control of requests rate in single process or distributed environment. All operations in memory or distributed environments use atomic increments against race conditions. Combine limiters, block key for some duration, delay actions, manage failover with insurance...
    Downloads: 1 This Week
    Last Update:
    See Project
  • 14
    IntelOwl

    IntelOwl

    Centralized platform for automated threat intelligence analysis

    IntelOwl is an open source platform designed to manage and enrich threat intelligence data at scale. It provides a centralized environment where security analysts can gather information about suspicious files and observables such as IP addresses, domains, URLs, or hashes using a single API request. The platform integrates numerous online intelligence sources and advanced malware analysis tools, enabling users to obtain comprehensive threat intelligence without manually querying multiple...
    Downloads: 4 This Week
    Last Update:
    See Project
  • 15
    sbctl

    sbctl

    Secure Boot key manager

    sbctl intends to be a user-friendly secure boot key manager capable of setting up secure boot, offering key management capabilities, and keeping track of files that need to be signed in the boot chain. It is written top-to-bottom in Golang using go-uefi for the API layer and doesn't rely on existing secure boot tooling. It also tries to sport some integration testing towards tianocore utilizing vmtest.
    Downloads: 3 This Week
    Last Update:
    See Project
  • 16
    BoringSSL

    BoringSSL

    Mirror of BoringSSL

    BoringSSL is a Google-maintained fork of OpenSSL, designed specifically to meet the security, performance, and maintainability needs of Google’s infrastructure and products. While fully open source, BoringSSL is not intended for general public use — it serves as a streamlined, heavily modified SSL/TLS and cryptography library optimized for Google’s internal ecosystem, including Chrome/Chromium, Android, and other Google services. The project prioritizes security, simplicity, and...
    Downloads: 1 This Week
    Last Update:
    See Project
  • 17
    Permify

    Permify

    Permify is an open-source authorization service

    Permify is an open source authorization service for creating fine-grained and scalable authorization systems. With Permify, you can easily structure your authorization model, store authorization data in your preferred database, and interact with the Permify API to handle all authorization queries from your applications or services. Permify is inspired by Google’s consistent, global authorization system, Google Zanzibar. Our goal is to make Google's Zanzibar available to everyone and help...
    Downloads: 0 This Week
    Last Update:
    See Project
  • 18
    InterceptSuite

    InterceptSuite

    A TLS MITM proxy for Non-HTTP traffic, with support for TLS upgrades

    InterceptSuite is a cross‑platform, SOCKS5‑based MITM proxy specially designed to intercept, inspect, analyze, and manipulate encrypted network traffic at the TCP/TLS layer. It goes beyond HTTP‑focused tools like Burp Suite and ZAP by providing universal TLS interception—including STARTTLS and non‑HTTP protocols—offering deep visibility and control for security testing and debugging. InterceptSuite bridges this gap by providing a universal TLS interception engine that works with any...
    Downloads: 4 This Week
    Last Update:
    See Project
  • 19
    linkedin2username

    linkedin2username

    Generate probable usernames from LinkedIn company employee lists

    ...Using these names, it automatically generates multiple possible username formats that organizations commonly use for accounts or email addresses. This process helps security researchers, penetration testers, and investigators perform reconnaissance by building potential username lists for further security testing or OSINT analysis. Unlike tools that rely on official APIs, linkedin2username operates as a pure web scraper and therefore does not require API keys. The script uses Selenium to automate browser interactions and perform searches within LinkedIn to gather employee data.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 20
    PyKCS11: a complete PKCS#11 wrapper for Python, created using the SWIG compiler. API documentation: http://pkcs11wrap.sourceforge.net/api/
    Downloads: 0 This Week
    Last Update:
    See Project
  • 21
    SentraX

    SentraX

    Open source cybersecurity suite with 10 network scanners, API, JWT + 2

    SENTRAX est une suite professionnelle open source de cybersécurité dédiée à l’audit réseau et à la détection de vulnérabilités. **Caractéristiques clés :** - 10 scanners réseau (TCP, SYN, UDP, ICMP, SNMP, DNS, OSINT, Passive, Time Machine, CVE) - API REST avec authentification JWT + 2FA + limitation de débit - Tableau de bord web moderne (thème sombre/clair, graphiques, histoire) - Windows EXE autonome (33 Mo, pas d’installation) - Code source pour Linux / macOS / Docker - Export PDF / JSON / CSV - Système de plug-inning **Cas d’utilisation :** - Audits internes du réseau - Formation et éducation en sécurité - Détection de vulnérabilité (EternalBlue, BlueKeep, Heartbleed, etc.) ...
    Downloads: 0 This Week
    Last Update:
    See Project
  • 22
    PhoneInfoga

    PhoneInfoga

    Information gathering framework for phone numbers

    ...PhoneInfoga intentionally avoids automation of invasive actions and instead assists manual investigations by correlating publicly available data. The platform includes both a command-line interface and a web client backed by a REST API, making it suitable for integration into larger investigative workflows. Because it relies heavily on external data sources, its effectiveness depends on proper configuration of scanners and APIs.
    Downloads: 65 This Week
    Last Update:
    See Project
  • 23
    pH7 Social Dating CMS (pH7Builder)❤️

    pH7 Social Dating CMS (pH7Builder)❤️

    🚀 Professional Social Dating Web App Builder (formerly pH7CMS)

    pH7Builder is a Professional, Free & Open Source PHP Social Dating Builder Software (primarily designed for developers ...). This Social Dating Web App is fully coded in object-oriented PHP (OOP) with the MVC pattern (Model-View-Controller). It is low resource-intensive, extremely powerful and highly secure. pH7Builder is included with over 42 native modules and is based on its homemade pH7 Framework which includes more than 52 packages To summarize, pH7Builder Social Dating Script...
    Downloads: 34 This Week
    Last Update:
    See Project
  • 24
    Cherrybomb

    Cherrybomb

    Cherrybomb is a CLI tool that helps you avoid undefined user behaviour

    Cherrybomb is an CLI tool written in Rust that helps prevent incorrect code implementation early in development. It works by validating and testing your API using an OpenAPI file. Its main goal is to reduce security errors and ensure your API functions as intended. Cherrybomb makes sure your API is working correctly. It checks your API's spec file (OpenAPI Specification) for good practices and makes sure it follows the OAS rules. Then, it tests your API for common issues and vulnerabilities. ...
    Downloads: 0 This Week
    Last Update:
    See Project
  • 25
    accounts-js

    accounts-js

    Fullstack authentication and accounts-management for Javascript

    ...Take a look at our documentation to learn how to use the packages. For more advanced usage, head to our API documentation. The packages come with strong opinionated security defaults while preserving options for configuration.
    Downloads: 0 This Week
    Last Update:
    See Project
  • Previous
  • You're on page 1
  • 2
  • 3
  • Next
Auth0 Logo