DEV Community

Intesar Mohammed

Security Test REST APIs in Minutes for Free

EthicalCheck is a free and automated API security test service.

Since our launch a few months ago, we have learned that one-third of tested public-facing REST APIs have vulnerabilities that automated bots can easily exploit. EthicalCheck is a free web app that instantly detects vulnerabilities in REST APIs without coding.

How to get started

  1. Go to https://EthicalCheck.dev

  2. API: Enter the OpenAPI/Swagger URL and your email in the input fields provided and click the scan button.

  3. Processing: Once your request is submitted, the EthicalCheck engine creates a map of all your API endpoints. It then automatically writes security tests covering OWASP API #2 (broken authentication). Finally, it runs the tests against your API. All tests are non-intrusive, and they only look for broken authentication issues.

  4. Report: You'll receive an enterprise-grade App/API penetration test report. The test report meets SOC 2 and similar compliance mandates.

  5. Bugs: The test report includes all the tested endpoints, coverage lists, exceptions, and vulnerabilities/bugs. Vulnerabilities are automatically triaged for you, which means every vulnerability has a severity, CVSS score, endpoint information, OWASP tag, etc., saving you time and resources.
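
To see what an endpoint map built from an OpenAPI document looks like before any test is run, here is an added example (not EthicalCheck's engine, and not code from this post) that statically reviews which operations the spec itself allows without credentials. The `SPEC` document is constructed, and the names `endpoint_map`, `auth_posture` and `review` are hypothetical; the script sends no requests.

```python
import json

# Constructed sample OpenAPI 3 document (hypothetical banking API, not EthicalCheck's sample).
SPEC = json.loads("""
{
  "openapi": "3.0.3",
  "info": {"title": "Constructed banking API", "version": "1.0"},
  "security": [{"bearerAuth": []}],
  "components": {"securitySchemes": {"bearerAuth": {"type": "http", "scheme": "bearer"}}},
  "paths": {
    "/login": {"post": {"security": []}},
    "/accounts": {"get": {}, "post": {"security": [{"bearerAuth": []}]}},
    "/accounts/{id}/transactions": {"get": {"security": [{}, {"bearerAuth": []}]}},
    "/health": {"get": {"security": []}}
  }
}
""")

HTTP_METHODS = {"get", "put", "post", "delete", "options", "head", "patch", "trace"}

def endpoint_map(spec):
    """Yield (METHOD, path, effective security requirements) for every operation."""
    default = spec.get("security", [])
    for path, item in spec.get("paths", {}).items():
        for method, op in item.items():
            if method in HTTP_METHODS:  # skips path-level keys such as "parameters"
                # Operation-level `security` overrides the top-level default, even when empty.
                yield method.upper(), path, op.get("security", default)

def auth_posture(requirements):
    """'none' = no requirement, 'optional' = an empty {} alternative exists, else 'required'."""
    if not requirements:
        return "none"
    if any(req == {} for req in requirements):
        return "optional"
    return "required"

def review(spec, expected_public=frozenset()):
    """Operations reachable without credentials that are not on the expected-public list."""
    findings = []
    for method, path, reqs in endpoint_map(spec):
        posture = auth_posture(reqs)
        if posture != "required" and (method, path) not in expected_public:
            findings.append((method, path, posture))
    return sorted(findings)

if __name__ == "__main__":
    for finding in review(SPEC, expected_public={("POST", "/login")}):
        print(*finding)
```

Endpoints flagged here are declared open by the spec; a declared requirement still has to be confirmed against the running API, which is what a dynamic scan checks.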

Result view

Try a sample REST API:

Check out our sample API on the https://ethicalcheck.dev home page.
This sample API is a banking API with features like accounts, transactions, and more. It's an excellent API to learn how to detect authentication and authorization security bugs.
