{"API Security"}

API Security Tooling

These are the open source management related tooling that I am tracking on as part of my research, and can be used as part of the API security process.


blacksheepwall is a hostname reconnaissance tool written in Go.


CrowdStrike Falcon Orchestrator provides automated workflow and response capabilities


Automated digital reconnaissance


Knock Subdomain Scan


A DNS meta-query spider that enumerates DNS records, and subdomains.

Thinktecture AuthorizationServer

AuthorizationServer is the foundation for implementing application and API authorization. As a first step, we provide an implementation of the OAuth2 authorization framework.

If there is an "open source tool" that should be listed here, submit as a Github Issue, and I will consider adding.