# API Security Testing Tool
This tool allows you to perform security scans on various types of APIs, including REST, SOAP, and GraphQL. It provides basic and advanced scans and integrates with Swagger for automated testing.
## Features
- **Basic API Scan**: Quickly scan a domain for common security vulnerabilities.
- **Advanced Endpoint Scan**: Perform a more in-depth scan on specific API endpoints with custom headers.
- **Swagger Integration**: Scan APIs using Swagger documentation (URL or file).
- **SOAP Endpoint Testing**: Test SOAP APIs for security issues.
- **GraphQL Endpoint Testing**: Scan GraphQL APIs to detect vulnerabilities.
- **Output**: Save scan results in a JSON file for later analysis.
## Installation
### Method 1:
Install directly using pip from PyPi:
```bash
pip install apisec
```
### Method 2:
Clone the repository and install the package using `pip`:
```bash
git clone https://github.com/yourusername/apisec-tool.git
cd apisec-tool
pip install .
```
### Post Install
After installing apisec, run below command to install all dependecies and sync path variables.
```bash
apisec -i
```
## Usage
### REST API
- Basic Scan: Perform a basic security scan on a domain:
```bash
apisec -bs "<domain name>"
```
- Advanced Scan: Perform an advanced scan on a specific API endpoint:
```bash
apisec -ae "<API endpoint>" -ah "<headers in JSON format>"
```
- Using Swagger JSON File: Scan APIs based on Swagger documentation:
```bash
apisec -su "<API server url>" -sf "<url or path to swagger.json file>"
```
### SOAP API
- SOAP Scan: Test a SOAP API by specifying its endpoint:
```bash
apisec -s "<SOAP API endpoint>
```
### GraphQL API
- GraphQL Scan: Test a GraphQL API for security vulnerabilities:
```bash
apisec -g "<GraphQL API endpoint>"
```
### Saving Output
To save the scan results to a JSON file for later analysis, use the -o option:
```bash
apisec -bs "<domain name>" -o "scan_results.json"
```
## License
This project is licensed under the MIT License. See the LICENSE file for more details.
Raw data
{
"_id": null,
"home_page": "https://github.com/vkvbit/apisec",
"name": "apisec",
"maintainer": null,
"docs_url": null,
"requires_python": null,
"maintainer_email": null,
"keywords": "apisec, rest, graphql, soap, restful, api, security, scanner, tool, vulnerability",
"author": "Vaibhav Kumar",
"author_email": "Vaibhav Kumar <myselfv@hotmail.com>",
"download_url": "https://files.pythonhosted.org/packages/81/00/6da90d7659c32a2d5ccb5eabbac9bcfdfd854eed9c19f0f37f602a7501c3/apisec-1.0.tar.gz",
"platform": null,
"description": "# API Security Testing Tool\n\nThis tool allows you to perform security scans on various types of APIs, including REST, SOAP, and GraphQL. It provides basic and advanced scans and integrates with Swagger for automated testing.\n\n## Features\n\n- **Basic API Scan**: Quickly scan a domain for common security vulnerabilities.\n- **Advanced Endpoint Scan**: Perform a more in-depth scan on specific API endpoints with custom headers.\n- **Swagger Integration**: Scan APIs using Swagger documentation (URL or file).\n- **SOAP Endpoint Testing**: Test SOAP APIs for security issues.\n- **GraphQL Endpoint Testing**: Scan GraphQL APIs to detect vulnerabilities.\n- **Output**: Save scan results in a JSON file for later analysis.\n\n## Installation\n\n### Method 1: \n\nInstall directly using pip from PyPi:\n\n```bash\npip install apisec\n```\n\n### Method 2:\n\nClone the repository and install the package using `pip`:\n\n```bash\ngit clone https://github.com/yourusername/apisec-tool.git\ncd apisec-tool\npip install .\n```\n\n### Post Install \nAfter installing apisec, run below command to install all dependecies and sync path variables.\n\n```bash\napisec -i\n```\n\n## Usage\n\n### REST API\n\n- Basic Scan: Perform a basic security scan on a domain:\n\n ```bash\n apisec -bs \"<domain name>\"\n ```\n\n- Advanced Scan: Perform an advanced scan on a specific API endpoint:\n\n ```bash\n apisec -ae \"<API endpoint>\" -ah \"<headers in JSON format>\"\n ```\n\n- Using Swagger JSON File: Scan APIs based on Swagger documentation:\n\n ```bash\n apisec -su \"<API server url>\" -sf \"<url or path to swagger.json file>\" \n ```\n\n### SOAP API\n\n- SOAP Scan: Test a SOAP API by specifying its endpoint:\n\n ```bash\n apisec -s \"<SOAP API endpoint>\n ```\n\n### GraphQL API\n\n- GraphQL Scan: Test a GraphQL API for security vulnerabilities:\n\n ```bash\n apisec -g \"<GraphQL API endpoint>\"\n ```\n\n### Saving Output\n\nTo save the scan results to a JSON file for later analysis, use the -o option:\n\n```bash\napisec -bs \"<domain name>\" -o \"scan_results.json\"\n```\n\n\n\n## License\n\nThis project is licensed under the MIT License. See the LICENSE file for more details.\n",
"bugtrack_url": null,
"license": "MIT",
"summary": "API Security Testing Tool",
"version": "1.0",
"project_urls": {
"Download": "https://github.com/vkvbit/apisec/archive/refs/tags/1.0.zip",
"Homepage": "https://github.com/vkvbit/apisec"
},
"split_keywords": [
"apisec",
" rest",
" graphql",
" soap",
" restful",
" api",
" security",
" scanner",
" tool",
" vulnerability"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "59bc0a968fd89ddbc32f893eea944e8e2416d0b95a34cfc3d15dfcf34eb4bc5d",
"md5": "1e433d09ff06c149e2f663900655729f",
"sha256": "7dd03ed31bb96c5c5f4cb372880347f391d08085152674fb12ec33c372efec9d"
},
"downloads": -1,
"filename": "apisec-1.0-py3-none-any.whl",
"has_sig": false,
"md5_digest": "1e433d09ff06c149e2f663900655729f",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": null,
"size": 8636,
"upload_time": "2024-10-11T12:17:10",
"upload_time_iso_8601": "2024-10-11T12:17:10.891424Z",
"url": "https://files.pythonhosted.org/packages/59/bc/0a968fd89ddbc32f893eea944e8e2416d0b95a34cfc3d15dfcf34eb4bc5d/apisec-1.0-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "81006da90d7659c32a2d5ccb5eabbac9bcfdfd854eed9c19f0f37f602a7501c3",
"md5": "e3bf6685d030b8da222857410bdcdef5",
"sha256": "29cf7b5ca6fb26ddb52a55d5008cb4416e3459e65601973feea5023076859668"
},
"downloads": -1,
"filename": "apisec-1.0.tar.gz",
"has_sig": false,
"md5_digest": "e3bf6685d030b8da222857410bdcdef5",
"packagetype": "sdist",
"python_version": "source",
"requires_python": null,
"size": 8968,
"upload_time": "2024-10-11T12:17:12",
"upload_time_iso_8601": "2024-10-11T12:17:12.719770Z",
"url": "https://files.pythonhosted.org/packages/81/00/6da90d7659c32a2d5ccb5eabbac9bcfdfd854eed9c19f0f37f602a7501c3/apisec-1.0.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2024-10-11 12:17:12",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "vkvbit",
"github_project": "apisec",
"travis_ci": false,
"coveralls": false,
"github_actions": false,
"lcname": "apisec"
}
JSON
