VAmPI
VAmPI copied to clipboard
erev0s
Vulnerable REST API with OWASP top 10 vulnerabilities for security testing
Hi, I can see doc says this demo app supports multiple attacks but i don't see attack payloads. So can you please share them so i can also test these...
Link to code: https://github.com/erev0s/VAmPI/blob/master/openapi_specs/openapi3.yml#L562 I think response body for this endpoint should be just object not array of objects
Your OAS file is missing authentication. Looking at your OAS with Swagger, all paths appear to be unsecured and do not require authentication, even though they do. Can you fix...
In some cases it is useful to know if the auth token is valid or not. All other immutable endpoints provide full information even without an auth token. Only fetching...
