Jump to content

APICheck - The DevSecOps toolset for HTTP APIs

Recommended Posts




APICheck - The DevSecOps toolset for HTTP APIs

APICheck is an environment for integrating existing HTTP APIs tools and create execution chains easily. Designed with integration third party tools in mind.


APICheck is comprised of a set of tools that can be connected to each other to achieve different functionalities, depending on how they are connected. It allows you to create execution chains


Why another REST APIs tool?

APICheck aims to be a universal toolset for testing REST APIs, allowing you to mix and match the tools it provides, while enabling interoperability with third party tools. This way we hope that it will be useful to a wide spectrum of users that need to deal with REST APIs.


Who is APICheck for?

APICheck focuses not only in the security testing and hacking use cases, the goal of the project is to become a complete toolset for DevSecOps cycles. The tools are aimed to different user profiles:

  • Developers
  • System Administrators
  • Security Engineers & Penetration Testers


Pipelines & data flow

In *NIX, you can chain multiple commands together in a pipeline. Consider this one:




In a similar way, you can build APICheck pipelines by chaining the different tools together.

To allow interoperability among commands and tools, all of them share a common JSON data format. In other words, APICheck commands output JSON documents, and accept them as input, too. This allows you to build pipelines (as we showed in the previous section).



If your are a tool developer you can integrate with APICheck tools in no more than 10 minutes. Please check the Integrating new tools guide



This project is distributed under Apache 2 license


Download: www-project-apicheck-master.zip


git clone https://github.com/OWASP/www-project-apicheck.git



Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Create New...