cherrybomb
Stop half-done APIs! Cherrybomb is a CLI tool that helps you avoid undefined user behaviour by auditing your API specifications, validating them and running API security tests.
@RazMag While writing an active scan, I encountered strange behavior. **Description** The code does not parse every path in the OAS file. **To Reproduce** Steps to reproduce the behavior: 1....
**Describe the bug** When trying to analyse a specific swagger.json file, cherrybomb exits with a stack overflow. **To Reproduce** Steps to reproduce the behavior: 1. extract the zip file; the...
Hey, this is my PR
@RazMag **Description of the bug** The change_payload function in Active test fails to parse the JSON. I wrote a check for XSS; during the running time I got an error...
*** @RazMag I am writing an active check function, trying to modify the protocol of https to http or modify the port to 80. But it seems that the attack...
We are always looking for more passive checks to add to our growing list of checks! Guide on how to contribute: https://github.com/blst-security/cherrybomb/blob/main/CONTRIBUTING.md If you still want some help or just to...
Rust cli app dockerize using this article as reference https://dev.to/kevingimbel/how-to-distribute-a-rust-cli-tool-as-docker-image-5bgl Fix #16
**Is your feature request related to a problem? Please describe.** For users that want to run/use your tool in a CI/CD pipeline as part of a quality check, needing to...
Heyy, it's a new PR as requested with new functions :)
There's a fairly substantial amount of logical code that's stored as comments in this repo. There seems to be a mixture of code that may get used later, and code...