Passive API key and secret discovery browser extension for Chrome and Firefox. 80+ detection patterns, zero config.
-
Updated
Jun 23, 2026 - JavaScript
Passive API key and secret discovery browser extension for Chrome and Firefox. 80+ detection patterns, zero config.
Sniper. Passive Secrets Hunting.🚬
UZYNTRA UI is a modern control plane that provides real-time visibility, threat intelligence, and operational control over API security systems.
An open-source security analysis platform for education and vulnerability discovery.
Cloudflare worker that verifies incoming requests have a valid Approov Token. See blog post https://blog.approov.io/securing-the-api-server-with-approov-and-cloudflare.
A smart honeypot & security gateway for OpenWebUI, powered by Cloudflare Workers. Blocks bots, prevents token waste, and protects your service.
An Appoov token integration example for NodeJS. Article: https://blog.approov.io/approov-integration-in-a-nodejs-express-api
The tests demonstrate all 9 common CORS misconfigurations actively: Wildcard origins Origin reflection with credentials Null origin trust Regex bypasses (prefix/suffix) Subdomain trust pivots Preflight caching issues Unsafe methods exposure Private Network Access misconfigs
Javascript GraphQL and REST API Encryption API
Secure API Proxy Server for protecting AI API keys from client-side exposure. Supports OpenAI, Gemini, Claude, and more.
Secure api by RSA sign and verify functionality
Defensive AI security audit skill for Claude and Codex. Reviews codebases and web apps for OWASP Top 10, auth and authorization flaws, business logic bugs, tenant isolation gaps, insecure defaults, secret leaks, and ORM or N+1 query issues, then produces clear remediation guidance.
Backend server for Vogue Vista, handling user authentication, data management, and server-side logic. Built with Node.js/Express, PostgreSQL, and hosted on Heroku.
NodeJs rest Api for User Authentication
API Security Posture Assessment Platform — OWASP API Top 10 Coverage
Security scan for AI-built Node.js backends. Finds missing rate limits, bot protection, and spending caps on Twilio, SendGrid, OpenAI + 19 more. Free.
Automated API security scanning platform with OWASP API Top 10 detection, CVSS scoring, ML severity prediction, MFA, alerts, dashboard, and PDF reporting.
A high-performance, keyless, rule-based envelope for protecting web/API/stream data.
API Gateway for securing API Keys
Add a description, image, and links to the api-security topic page so that developers can more easily learn about it.
To associate your repository with the api-security topic, visit your repo's landing page and select "manage topics."