issues
search
OWASP
/
OFFAT
The OWASP OFFAT tool autonomously assesses your API for prevalent vulnerabilities, though full compatibility with OAS v3 is pending. The project remains a work in progress, continuously evolving towards completion.
http://owasp.org/OFFAT/
MIT License
460
stars
67
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
Alert(1) Popups on HTML Output
#143
farsheedify
opened
13 hours ago
0
Error in Parsing the YAML Config File
#142
farsheedify
opened
3 days ago
0
Bump aiohttp from 3.10.2 to 3.10.11 in /src in the pip group across 1 directory
#141
dependabot[bot]
closed
1 week ago
0
Issue with running the tool
#140
puriaayush01
closed
1 month ago
4
add missing auth implementation test
#139
dmdhrumilmistry
closed
2 months ago
0
Implement data leak detection feature
#138
dmdhrumilmistry
closed
2 months ago
0
Integrate goreleaser
#137
dmdhrumilmistry
closed
3 months ago
0
add -pr flag path regex filtering
#136
dmdhrumilmistry
closed
3 months ago
0
add bola trailing path test
#135
dmdhrumilmistry
closed
3 months ago
0
chore: bump deps and implement bola test
#134
dmdhrumilmistry
closed
3 months ago
0
handle regex based payloads
#133
dmdhrumilmistry
closed
3 months ago
0
Bump aiohttp from 3.9.5 to 3.10.2 in /src in the pip group across 1 directory
#132
dependabot[bot]
closed
3 months ago
0
Option to bypass host availability check
#131
jIgnoul
opened
3 months ago
2
Dev RELEASE v0.19.3
#130
dmdhrumilmistry
closed
4 months ago
0
fix ssl verification bug
#129
dmdhrumilmistry
closed
4 months ago
0
Dev RELEASE: v0.19.2
#128
dmdhrumilmistry
closed
4 months ago
0
Chore: Bump Deps
#127
dmdhrumilmistry
closed
4 months ago
0
Fix `ssl_verify` and `https` detection
#126
nrathaus
closed
4 months ago
0
Dev RELEASE: v0.19.1
#125
dmdhrumilmistry
closed
4 months ago
0
chore: bump deps versions
#124
dmdhrumilmistry
closed
4 months ago
0
Bump the pip group across 1 directory with 2 updates
#123
dependabot[bot]
closed
4 months ago
2
Bump certifi from 2024.6.2 to 2024.7.4 in /src in the pip group across 1 directory
#122
dependabot[bot]
closed
4 months ago
0
Bump certifi from 2024.6.2 to 2024.7.4 in /src in the pip group across 1 directory
#121
dependabot[bot]
closed
4 months ago
0
Dev RELEASE: v0.19.0
#120
dmdhrumilmistry
closed
5 months ago
0
chore: Use pypi OIDC
#119
dmdhrumilmistry
closed
5 months ago
0
chore: Fix api
#118
dmdhrumilmistry
closed
5 months ago
0
Bump the pip group across 1 directory with 2 updates
#117
dependabot[bot]
closed
5 months ago
0
Support for HTTP/2
#116
henning410
opened
5 months ago
5
SSL Verify was not properly handled
#115
nrathaus
closed
5 months ago
0
Need to be able to skip SSL Verification
#114
mr-tomr
closed
5 months ago
16
Issue running the OFFAT tool to scan Open Source API's
#113
puriaayush01
closed
5 months ago
2
Bump requests from 2.31.0 to 2.32.0 in /src in the pip group across 1 directory
#112
dependabot[bot]
closed
6 months ago
0
New tests for `fill_params` and `BaseParser`
#111
nrathaus
closed
6 months ago
0
Dev RELEASE: v0.18.0
#110
dmdhrumilmistry
closed
6 months ago
0
Bump deps and project versions
#109
dmdhrumilmistry
closed
6 months ago
0
rename result to vulnerable
#108
dmdhrumilmistry
closed
6 months ago
0
Additional regexs
#107
nrathaus
closed
6 months ago
0
Add automated tests
#106
dmdhrumilmistry
opened
6 months ago
1
Additional tokens for `data_leak`
#105
nrathaus
closed
6 months ago
2
Fix empty matches
#104
nrathaus
closed
6 months ago
1
`PhoneNumberIN` returns empty values in the array
#103
nrathaus
closed
6 months ago
7
Make output more clear if the endpoint is or not vulnerable
#102
nrathaus
closed
6 months ago
5
96 false positive on ssti check
#101
dmdhrumilmistry
closed
7 months ago
0
False negative related to SQL Injection
#100
nrathaus
opened
7 months ago
3
Set the 'type' param so that future calls will know its type
#99
nrathaus
closed
6 months ago
3
Strange values instead of Payloads
#98
nrathaus
closed
6 months ago
2
False negative in OS Injection
#97
nrathaus
closed
6 months ago
1
False positive on SSTI check
#96
nrathaus
closed
7 months ago
6
Code reuse to reduce length and complexity
#95
nrathaus
closed
7 months ago
1
Dev RELEASE: v0.17.5
#94
dmdhrumilmistry
closed
7 months ago
0
Next