[Tool request] Bruno

[ikstream]

• Name: Bruno
• Source URL:https://github.com/usebruno/bruno
• Description:Opensource IDE For Exploring and Testing Api's (lightweight alternative to postman/insomnia)

Since postman moved to a cloud model, it can be problematic to send private API data to a third company during a penetration test. It doesn't fully cover postman's features yet, but is on a good way and got a lot of traction.

There is already an AUR package available

[noraj]

I know we already have some AUR helpers, etc. but in general we shouldn't start to package all tool that are not directly security related and leave them to the AUR. What do you think?

[ikstream]

This tool is very handy while performing exclusively API tests. When all you have is a swagger file and only API in scope. You start with known, valid (spends in the information you have been provided with) requests, which can help revalidate tokens or just send requests from there (through a proxy).