This repository contains API security test definitions and related remediation notes for common vulnerability categories such as BOLA, SSRF, injection attacks, authentication issues, and misconfigured HTTP headers.
Note: This test library is referenced from Akto.
- Test definitions are organized by vulnerability category.
- Additional pending or migrated test definitions are kept under missing-test-library-yamls/.
- Remediation guidance is available under remediation/.

This project is licensed under the MIT License.