A built-to-be-vulnerable API application based on the OWASP top 10 API vulnerabilities. Use c{api}tal to learn, train and exploit API Security vulnerabilities within your own API Security CTF.
GNU Affero General Public License v3.0
275
stars
67
forks
source link
2) feature - updating Capital to the new OWASP API Security Top 10 2023 #61
Add an exercise for API6:2023 Unrestricted Access to Sensitive Business Flows
https://owasp.org/API-Security/editions/2023/en/0xa6-unrestricted-access-to-sensitive-business-flows/