Tool

GitHub - imperva/automatic-api-attack-tool: Imperva's customizable API attack tool takes an API specification as an input, generates and runs attacks that are based on it as an output.GitHub

APIsPentest Book

GitHub - flipkart-incubator/Astra: Automated Security Testing For REST API'sGitHub

GitHub - flipkart-incubator/Astra: Automated Security Testing For REST API'sGitHub

GitHub - imperva/automatic-api-attack-tool: Imperva's customizable API attack tool takes an API specification as an input, generates and runs attacks that are based on it as an output.GitHub

# Tools
https://github.com/Fuzzapi/fuzzapi
https://github.com/Fuzzapi/API-fuzzer
https://github.com/flipkart-incubator/Astra
https://github.com/BBVA/apicheck/
https://github.com/ngalongc/openapi_security_scanner
https://github.com/assetnote/kiterunner


Tool - graphql
# https://github.com/doyensec/inql
# https://github.com/swisskyrepo/GraphQLmap
# https://apis.guru/graphql-voyager/
# https://github.com/nikitastupin/clairvoyance
# https://gitlab.com/dee-see/graphql-path-enum