Test API project...

[SP]

HI All,

I remember there used to be a WebGoat project that was used to demonstrate OWASP application vulnerabilities. Is there a similar project for APIs?

Looking for a vulnerable API application that can be used to demonstrate the vulnerabilities in APIs.

Thanks

SP

[Paulo Silva]

Hi,

If you look into What's Next For Developers section [1] you'll find there our recommendation

while we work on crAPI - Completely Ridiculous API [2].

[1]: https://github.com/OWASP/API-Security/blob/master/2019/en/src/0xb0-next-devs.md

[2]: https://owasp.org/www-project-api-security/#div-roadmap

Cheers,
Paulo A. Silva