12 repositorios
Authentication and rate limiting for RESTful services.
Distinguishing note: Focuses on standard HTTP API patterns, distinct from GraphQL/gRPC.
Explore 12 awesome GitHub repositories matching security & cryptography · REST API Security. Refine with filters or upvote what's useful.
The OWASP Cheat Sheet Series is a comprehensive, community-driven repository of concise security best practices and defensive coding patterns. It serves as a centralized knowledge base for developers and security professionals, providing actionable guidance to secure applications across the entire software development lifecycle. The project covers a vast array of security domains, ranging from fundamental web application hardening and authentication protocols to specialized controls for modern infrastructure and artificial intelligence systems. What distinguishes this project is its decentral
Implements authentication, authorization, and rate limiting to protect web services.
This project provides a framework for managing multi-agent systems, designed to automate complex software development, infrastructure, and business workflows. It functions as a multi-agent workflow orchestrator that routes tasks to domain-specific workers while maintaining state persistence and infrastructure automation. By leveraging large language models, the system decomposes high-level objectives into actionable plans, ensuring that complex operations are executed with consistency and reliability. The framework distinguishes itself through its hierarchical agent registry and policy-driven
Implements secure, versioned API endpoints with standardized authentication and rate limiting.
Parse Server is a backend-as-a-service solution and Node.js framework that provides a ready-to-use REST and GraphQL API for mobile and web applications. It functions as a core backend infrastructure for managing database schemas, user authentication, and API routing. The system distinguishes itself with a real-time data engine that pushes database updates to clients via WebSockets and a GraphQL server that automatically generates schemas based on application data models. It also features an adapter-based storage layer that abstracts interactions with various cloud and local backends. The pla
Limits external access to specific REST API routes using regex patterns to ensure approved interaction paths.
Popcorn Time is a cross-platform application that functions as a BitTorrent streaming client, enabling the playback of movies and television shows through sequential data downloading. It serves as a comprehensive media discovery platform and metadata API, providing tools to search, browse, and retrieve detailed information about entertainment content. The platform distinguishes itself through a robust streaming data provider service that maps regional streaming availability and resolves encrypted tokens into secure redirects for external media platforms. It supports global audiences by locali
Exposes structured media metadata through a secure RESTful API gateway with built-in authentication and rate limiting.
This project is a JavaScript library and SDK used to integrate web and mobile applications with cloud services. It serves as a bridge to backend providers for user authentication, binary object storage, and real-time data synchronization. The library provides a unified interface for managing cloud identity and access, executing queries and mutations against GraphQL endpoints, and consuming REST APIs with secure request signing. It also includes tools for accessing machine learning services for natural language processing and computer vision. Broad capability areas include offline-first data
Implements secure request signing using the Sigv4 protocol to authenticate HTTP requests sent to remote REST endpoints.
This project is a containerized build automation system and self-hosted DevOps platform provided as a Docker image. It serves as a distributed build orchestrator and a Dockerized continuous integration and delivery server, ensuring consistent execution environments across different infrastructure. The system distinguishes itself through a distributed execution model that separates a primary controller from multiple remote agents connected via SSH, TCP, or web sockets. It utilizes a modular extensibility framework that allows the core system functionality to be augmented through the installati
Performs static security testing on REST APIs to identify potential vulnerabilities.
Validates user identity through tokens or credentials before granting access to protected API endpoints.
Este proyecto es un framework de integración que arranca servicios de llamada a procedimiento remoto (RPC) de Apache Dubbo dentro de aplicaciones Spring Boot. Sirve como un framework de comunicación de microservicios que permite la implementación de servicios RPC, descubrimiento de servicios y gobernanza distribuida mediante configuración automatizada. El proyecto se distingue por proporcionar un puente RPC entre lenguajes, permitiendo que servicios escritos en diferentes lenguajes se comuniquen mediante estándares como gRPC y Protobuf. Además, permite la exposición de microservicios backend como endpoints REST utilizando el protocolo Triple para acceso directo desde navegadores web y clientes de terceros. El framework cubre una amplia gama de capacidades, incluyendo gobernanza de servicios distribuidos para enrutamiento de tráfico y limitación de tasa (rate limiting), gestión centralizada de configuración y observabilidad de microservicios para el rastreo de solicitudes y monitoreo de salud. También admite diversas capas de transporte e integraciones de almacenamiento para Redis y Memcached. El proyecto proporciona starters y configuraciones para automatizar el arranque de la infraestructura RPC dentro del entorno Spring Boot.
Secures RESTful service endpoints using basic authentication and custom identity validators.
Incus is a unified orchestration platform for managing system containers, OCI application containers, and virtual machines through a single control plane. It brings together cluster infrastructure management, secure multi-tenancy, software-defined networking, and pluggable storage backend orchestration into one cohesive system exposed via a full REST API and command-line interface. What distinguishes Incus is its ability to run multiple instance types side by side—full Linux system containers, OCI application containers, and QEMU virtual machines—all managed with consistent tooling. Networkin
Uses separate addresses for internal cluster traffic and the external REST API endpoint to improve security and flexibility.
w3af is a web penetration testing suite and security audit framework designed to identify and exploit vulnerabilities in web applications. It functions as a vulnerability scanner that crawls targets to find injection points and a fuzzer used to discover hidden endpoints and test input validation. The project distinguishes itself by providing an intercepting HTTP proxy for capturing and modifying traffic, combined with a knowledge-base driven exploitation system. It enables the execution of security exploits to gain remote shell access and supports post-exploitation activities, such as routing
Identifies and exploits security vulnerabilities in REST endpoints by analyzing their parameters and headers.
Schemathesis is a property-based testing tool and fuzzer for schema-based APIs. It analyzes OpenAPI and JSON Schema specifications to automatically generate test cases that identify crashes, schema violations, and validation bypasses. The project functions as a contract validator and security scanner, verifying that a live server strictly adheres to its defined specifications. The framework distinguishes itself through stateful API testing, which chains multiple related requests together to uncover bugs that only emerge during complex, multi-step user workflows. It also utilizes response-driv
Automatically discovers API vulnerabilities by auditing REST endpoints and exploiting parameters and headers via schema-based fuzzing.
Astra is a security analysis system and scanner designed to identify vulnerabilities and security flaws in REST API endpoints. It functions as a security testing tool that automatically detects common API weaknesses during development and deployment cycles. The project provides a graphical interface for triggering and monitoring security scanning processes, removing the requirement for manual command line execution. This management UI allows for the oversight of scanning workflows and the retrieval of vulnerability reports. The system supports the import of collection files to map endpoints
Implements an automated scanner to detect security flaws in REST API endpoints using imported collections.