EthicalCheck™ (v1.1.0)


Free & Instant API Penetration Testing



Don't have an API? Try this sample API: http://netbanking.apisec.ai:8080/v2/api-docs

Apisec scanning your API

The scan will take approximately 60 seconds to complete. Please wait for results.








API Security

According to Gartner, APIs are the most frequent attack vector. Hackers and bots have exploited API vulnerabilities, resulting in major breaches across thousands of startups and large enterprises.

Benefits

(DAF) Discover, Analyze and Fix vulnerabilities in your API/application. Instantly discover OAuth 2.0, JWT, BasicAuth, OWASP API #2, and broken authentication defects in your web/mobile/public APIs.

Safety

All tests are non-intrusive and require no access to live traffic. Test your production/development APIs. EthicalCheck has delivered hundreds of API security reports to developers, startups, and large organizations.

Reporting

Generate enterprise-grade security reports. Confidently share them with developers, customers, partners, and compliance teams.




API

Windows:


set email=xxx@apisec.ai
set openAPISpec=http://netbanking.apisec.ai:8080/v2/api-docs
curl -X POST "https://pentest.apisec.ai/api/v1/pentest" -H "Content-Type: application/json" -d "{ \"openAPISpec\": \"%openAPISpec%\",\"email\": \"%email%\" }"

Linux:


export email=xxx@apisec.ai
export openAPISpec=http://netbanking.apisec.ai:8080/v2/api-docs
curl -X POST 'https://pentest.apisec.ai/api/v1/pentest' -H 'Content-Type: application/json' -d '{ "openAPISpec": "'"${openAPISpec}"'", "email": "'"${email}"'" }'
