DEV Community

Intesar Mohammed
Intesar Mohammed

Posted on

Hey guys! If you're looking to get feedback on your API security, drop a link here πŸ‘‡ I Would love to help.

Most APIs use Okta, OAuth 2.0, JWT, Spring Security, and similar security frameworks to implement security. These frameworks are hard to implement, and as other developers add new functionality, it gets harder to ensure security is implemented correctly.

I built a free web tool for developers to test their public/mobile/web APIs for authentication flaws. The tool doesn't require access to live traffic. Neither does it need you to write and configure anything. It automatically creates and runs tests against your production/dev APIs and sends a PDF security test report instantly.

The tool I'm going to use:
https://apisec-inc.github.io/pentest/

I need an OpenAPI Specification (Swagger) URL. Leave it in the comments section. I'll get back to you with a PDF report.

Top comments (1)

Collapse
 
intesar profile image
Intesar Mohammed

Just leave your API URL.