REST-Attacker currently provides these features:
Get the tool by downloading or cloning the repository:
You need Python >3.10 to run the tool.
You also need to install the following packages with pip:
Get the list of supported test cases:
Basic test run (with load-time test case generation):
Full test run (with load-time and runtime test case generation + rate limit handling):
Test run with only selected test cases (generates test cases only for scopes.TestTokenRequestScopeOmit and resources.FindSecurityParameters):
Rerun a test run from a report:
Unfortunately, we can be very busy sometimes, so it may take a while before we respond to comments in this repository.