Open Source - Escape - The API Security Blog

The API Security Academy: Under the Hood

The API Security Academy is built upon a technology that comes straight from the future—and by that, we mean the brilliant minds at StackBlitz—WebContainers. You may already know regular containers, the ones you can run with Docker and Kubernetes, which are lightweight virtualization units that allow developers to

GraphQL

API Security Academy: a smarter way to learn GraphQL security

Learning about GraphQL security is now more accessible than ever! We're excited to introduce the API Security Academy, developed by the Escape team. Escape's API Security Academy is a free and open-source collection of interactive challenges that will teach you how to secure your GraphQL applications. The challenges are designed

GraphQL

Building a free open source GraphQL wordlist for penetration testing

In cybersecurity, the old saying that the "best defense is a good offense" rings true. This philosophy is reflected in the approach we call offensive security. It involves actively seeking out system vulnerabilities to fix them before they can be exploited. It's about taking the initiative, keeping a step ahead

GraphQL

Introducing Goctopus: Open Source GraphQL endpoint discovery & fingerprinting tool

In the fast-evolving domain of APIs, GraphQL has emerged as a powerful, data-oriented language. As its adoption soars, so does the need for robust tools to discover and fingerprint these APIs. Enter Goctopus, a Golang-based solution we developed at Escape to provide comprehensive, fast, and interoperable endpoint discovery and fingerprinting

Announcement

Introducing GraphMan: instantly scaffold a Postman collection for your GraphQL API

While querying, developing, and testing your GraphQL APIs with postman is easy and convenient, it has a big caveat: if you want to cover an endpoint with all its queries and mutations entirely, it will take you hours and repetitive steps to create every request, and you'll almost surely miss

Pentesting

Graphinder: lightweight and blazing fast GraphQL endpoint finder

Introducing Graphinder, a lightweight and blazing fast GraphQL endpoint finder, making penetration testing on GraphQL much faster ⚡️

Open Source

Introducing 🪝 Mookme 🪝, a git hook manager for monorepos

Ever had troubles managing your git hooks in a monorepository ? We did too, so we created Mookme to solve our problems. Here is a git hook manager for dealing with different projects and languages, automated filtering, ease of configuration and setup.