Cybersecurity-Projects/PROJECTS/intermediate/api-security-scanner
dependabot[bot] 54b820c5fe
chore(deps): bump pydantic-settings
Bumps [pydantic-settings](https://github.com/pydantic/pydantic-settings) from 2.12.0 to 2.14.2.
- [Release notes](https://github.com/pydantic/pydantic-settings/releases)
- [Commits](https://github.com/pydantic/pydantic-settings/compare/v2.12.0...v2.14.2)

---
updated-dependencies:
- dependency-name: pydantic-settings
  dependency-version: 2.14.2
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-06-20 01:35:21 +00:00
..
backend chore(deps): bump pydantic-settings 2026-06-20 01:35:21 +00:00
conf Phase 1.1: Organize PROJECTS by difficulty level 2026-01-29 02:41:15 -05:00
frontend chore(deps): bump axios 2026-06-04 19:09:18 +00:00
learn add learn documents for api-security-scanner 2026-02-04 01:47:13 -05:00
.env.example add and create all learn/ folders for intermediate projects 2026-02-01 03:33:40 -05:00
.gitignore feat: Complete Go secrets scanner - Portia 2026-02-22 20:02:38 -05:00
.pre-commit-config.yaml Phase 1.1: Organize PROJECTS by difficulty level 2026-01-29 02:41:15 -05:00
LICENSE - Standardize READMEs and add justfiles across all 14 projects 2026-02-11 07:01:25 -05:00
README.md Update README.md 2026-06-02 09:28:16 -04:00
compose.yml add and create all learn/ folders for intermediate projects 2026-02-01 03:33:40 -05:00
dev.compose.yml Phase 1.1: Organize PROJECTS by difficulty level 2026-01-29 02:41:15 -05:00
justfile Phase 1.1: Organize PROJECTS by difficulty level 2026-01-29 02:41:15 -05:00
package.json add and create all learn/ folders for intermediate projects 2026-02-01 03:33:40 -05:00

README.md

███████╗ ██████╗ █████╗ ███╗   ██╗███╗   ██╗███████╗██████╗
██╔════╝██╔════╝██╔══██╗████╗  ██║████╗  ██║██╔════╝██╔══██╗
███████╗██║     ███████║██╔██╗ ██║██╔██╗ ██║█████╗  ██████╔╝
╚════██║██║     ██╔══██║██║╚██╗██║██║╚██╗██║██╔══╝  ██╔══██╗
███████║╚██████╗██║  ██║██║ ╚████║██║ ╚████║███████╗██║  ██║
╚══════╝ ╚═════╝╚═╝  ╚═╝╚═╝  ╚═══╝╚═╝  ╚═══╝╚══════╝╚═╝  ╚═╝

Cybersecurity Projects Python React License: AGPLv3 Docker OWASP

Full-stack API vulnerability scanner targeting the OWASP API Security Top 10 with configurable scan modules and a React dashboard.

Watch on YouTube

Video Thumbnail

Learn docs here: learn modules.

What It Does

  • Scans REST APIs against OWASP API Security Top 10 vulnerability categories
  • Tests for authentication bypass, injection flaws, IDOR, and rate limiting weaknesses
  • SQLi, authentication, IDOR, and rate limit scanner modules with configurable payloads
  • JWT auth with bcrypt password hashing and session management
  • Scan history tracking with detailed vulnerability reports per endpoint
  • Full React dashboard for configuring scans and reviewing results

Quick Start

docker compose up -d

Visit http://localhost:8080 to open the dashboard.

[!TIP] This project uses just as a command runner. Type just to see all available commands.

Install: curl -sSf https://just.systems/install.sh | bash -s -- --to ~/.local/bin

Stack

Backend: FastAPI, SQLAlchemy, PostgreSQL, Alembic, httpx, aiohttp

Frontend: React, TypeScript, Vite

Learn

This project includes step-by-step learning materials covering security theory, architecture, and implementation.

Module Topic
00 - Overview Prerequisites and quick start
01 - Concepts Security theory and real-world breaches
02 - Architecture System design and data flow
03 - Implementation Code walkthrough
04 - Challenges Extension ideas and exercises

License

AGPL 3.0