imharshitaa/API_Pentest

API_Pentest

Modular API security testing project with category-specific discovery, test, and exploit scripts.

What this repo provides

  • Category folders for API security risks.
  • *_discovery.py scripts to enumerate endpoints and weak signals.
  • *_test.py scripts to validate vulnerabilities.
  • *_exploit.py scripts to demonstrate impact in an authorized lab.
  • Shared HTTP helper utilities in utils/api_utils.py (relative to the repo root).

Quick start

1. Clone

git clone <your-repo-url>
cd API_Pentest

2. Create environments (separate for discovery, test, exploit)

python3 -m venv .venv-discovery
python3 -m venv .venv-test
python3 -m venv .venv-exploit

3. Install dependencies in each env

source .venv-discovery/bin/activate
pip install requests

deactivate
source .venv-test/bin/activate
pip install requests

deactivate
source .venv-exploit/bin/activate
pip install requests

deactivate

4. Set target API base URL

export API_BASE_URL="http://localhost:8000"

The scripts read API_BASE_URL from the environment and fall back to http://localhost:8000 when it is unset.

How to run locally

Discovery phase

source .venv-discovery/bin/activate
python BOLA/bola_discovery.py
python MassAssignment/mass_assignment_discovery.py
python NoSQLi/nosqli_discovery.py
python PathTraversal/path_traversal_discovery.py
python CommandInjection/command_injection_discovery.py
deactivate

Testing phase

source .venv-test/bin/activate
python BOLA/bola_test.py
python MassAssignment/mass_assignment_test.py
python NoSQLi/nosqli_test.py
python PathTraversal/path_traversal_test.py
python CommandInjection/command_injection_test.py
deactivate

Exploitation phase (authorized lab only)

source .venv-exploit/bin/activate
python BOLA/bola_exploit.py
python MassAssignment/mass_assignment_exploit.py
python NoSQLi/nosqli_exploit.py
python PathTraversal/path_traversal_exploit.py
python CommandInjection/command_injection_exploit.py
deactivate

Current test categories

Categories already in the repo:

  • BOLA (Broken Object Level Authorization)
  • BFLA (Broken Function Level Authorization)
  • BUA (Broken User Authentication)
  • BusinessLogic
  • RateLimit
  • MassAssignment (BOPLA)
  • InventoryManagement (Improper Inventory Management)
  • SecurityMisconfig
  • UnsafeConsumption
  • SSRF
  • SQLi
  • InformationDisclosure
  • GraphQL
  • JWT
  • XXE
  • CORS
  • InsecureDeserialization

New categories added in this update:

  • NoSQLi
  • PathTraversal
  • CommandInjection

Each category follows the same layout:

<Category>/
  <category>_discovery.py
  <category>_test.py
  <category>_exploit.py

Notes for finishing the project

  • Start with discovery outputs and prioritize endpoints that return 200/201/204.
  • Move only confirmed candidates into *_test.py validation.
  • Run exploit scripts only on isolated/local targets with permission.
  • Keep payloads and observations per category in your report artifacts.
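
One way to wire the three phases together for the BOLA category, following the API_BASE_URL convention from Quick start and the triage rule above (keep 200/201/204 hits, validate only confirmed candidates). This is an added example, not code from the repo or from its utils/api_utils.py: the /users/{id} route, the two bearer tokens, the in-memory fake API (vulnerable and fixed variants) and every function name are assumptions made for illustration. The fake transport exists only so the example runs offline; pass http_send instead to hit a lab target.

```python
# Added example, not the repo's own code. Runs offline against a constructed
# fake API; every route, token and function name below is an assumption.
import json
import os
import urllib.error
import urllib.request
from typing import Callable, Dict, List, Mapping, Optional, Tuple

Response = Tuple[int, bytes]                      # (HTTP status, raw body)
Sender = Callable[[str, str, Dict[str, str]], Response]
DEFAULT_BASE = "http://localhost:8000"

def base_url(env: Optional[Mapping[str, str]] = None) -> str:
    """README convention: API_BASE_URL from the environment, else localhost:8000."""
    env = os.environ if env is None else env
    return env.get("API_BASE_URL", DEFAULT_BASE).rstrip("/")

def build_url(base: str, path: str) -> str:
    """Join by hand: urllib.parse.urljoin drops the base's path prefix when the
    endpoint starts with '/', so an API under https://host/api would be probed
    at https://host/users/1 instead."""
    return base.rstrip("/") + "/" + path.lstrip("/")

def http_send(method: str, url: str, headers: Dict[str, str]) -> Response:
    """Real transport, standard library only (no 'requests' dependency)."""
    req = urllib.request.Request(url, method=method, headers=headers)
    try:
        with urllib.request.urlopen(req, timeout=10) as resp:
            return resp.status, resp.read()
    except urllib.error.HTTPError as err:         # 4xx/5xx still carry a body
        return err.code, err.read()

# Constructed fake API: two users, each owning one profile object.
FAKE_DB = {"1": {"id": 1, "email": "alice@example.test"},
           "2": {"id": 2, "email": "bob@example.test"}}
TOKENS = {"tok-alice": "1", "tok-bob": "2"}      # constructed bearer -> user id

def _caller(headers: Dict[str, str]) -> Optional[str]:
    auth = headers.get("Authorization", "")
    return TOKENS.get(auth[7:]) if auth.startswith("Bearer ") else None

def fake_send_vulnerable(method: str, url: str, headers: Dict[str, str]) -> Response:
    """Authenticates the caller but never checks ownership: the BOLA pattern."""
    if _caller(headers) is None:
        return 401, b'{"error":"unauthenticated"}'
    obj = FAKE_DB.get(url.rsplit("/", 1)[-1])
    if obj is None:
        return 404, b'{"error":"not found"}'
    return 200, json.dumps(obj).encode()

def fake_send_fixed(method: str, url: str, headers: Dict[str, str]) -> Response:
    """Same API with the object-level check: only the owner may read it."""
    status, body = fake_send_vulnerable(method, url, headers)
    if status == 200 and url.rsplit("/", 1)[-1] != _caller(headers):
        return 403, b'{"error":"forbidden"}'
    return status, body

def discover(send: Sender, base: str, ids: List[str], token: str) -> Dict[str, int]:
    """Discovery phase: probe /users/{id} as one principal, record status per id."""
    hdr = {"Authorization": f"Bearer {token}"}
    return {i: send("GET", build_url(base, f"/users/{i}"), hdr)[0] for i in ids}

def triage(discovered: Dict[str, int], own_id: str) -> List[str]:
    """README note: keep the 200/201/204 hits, minus the caller's own object.
    These are candidates for the test phase, not findings yet."""
    return sorted(i for i, s in discovered.items()
                  if s in (200, 201, 204) and i != own_id)

def check_bola(send: Sender, base: str, obj_id: str,
               owner_token: str, other_token: str) -> str:
    """Test phase: fetch the object as its owner and as a second user. Only an
    identical 200 body for both counts as confirmed; 401/403 for the second
    user means the control works; anything else stays inconclusive."""
    url = build_url(base, f"/users/{obj_id}")
    owner = send("GET", url, {"Authorization": f"Bearer {owner_token}"})
    other = send("GET", url, {"Authorization": f"Bearer {other_token}"})
    if owner[0] != 200:
        return "inconclusive"
    if other[0] == 200 and other[1] == owner[1]:
        return "confirmed"
    if other[0] in (401, 403):
        return "not vulnerable"
    return "inconclusive"

def run_pipeline(send: Sender, base: str = DEFAULT_BASE) -> Dict[str, str]:
    """Discover as alice, triage, then test each candidate with its owner's
    token (known here because both lab accounts are ours)."""
    found = discover(send, base, [str(i) for i in range(1, 6)], "tok-alice")
    owner_token = {uid: tok for tok, uid in TOKENS.items()}
    return {c: check_bola(send, base, c, owner_token[c], "tok-alice")
            for c in triage(found, "1") if c in owner_token}

if __name__ == "__main__":
    print("vulnerable API:", run_pipeline(fake_send_vulnerable, base_url()))
    print("fixed API:", run_pipeline(fake_send_fixed, base_url()))
```

Two points worth noting in this shape: the test verdict compares the second user's body against the owner's, so a 200 that returns a redacted or empty object is not reported as confirmed, and the fixed variant shows why triage alone is not a finding: an endpoint that answered 403 during discovery never reaches the test phase, while one that answered 200 still has to fail the owner-versus-other comparison before it goes into the report.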

Authorization and safety

Use these scripts only on systems you own or are explicitly authorized to test.
