EnglishFrenchSpanish

OnWorks favicon

APIthet download for Windows

Free download APIthet Windows app to run online win Wine in Ubuntu online, Fedora online or Debian online

This is the Windows app named APIthet whose latest release can be downloaded as APIthet.zip. It can be run online in the free hosting provider OnWorks for workstations.

Download and run online this app named APIthet with OnWorks for free.

Follow these instructions in order to run this app:

- 1. Downloaded this application in your PC.

- 2. Enter in our file manager https://www.onworks.net/myfiles.php?username=XXXXX with the username that you want.

- 3. Upload this application in such filemanager.

- 4. Start any OS OnWorks online emulator from this website, but better Windows online emulator.

- 5. From the OnWorks Windows OS you have just started, goto our file manager https://www.onworks.net/myfiles.php?username=XXXXX with the username that you want.

- 6. Download the application and install it.

- 7. Download Wine from your Linux distributions software repositories. Once installed, you can then double-click the app to run them with Wine. You can also try PlayOnLinux, a fancy interface over Wine that will help you install popular Windows programs and games.

Wine is a way to run Windows software on Linux, but with no Windows required. Wine is an open-source Windows compatibility layer that can run Windows programs directly on any Linux desktop. Essentially, Wine is trying to re-implement enough of Windows from scratch so that it can run all those Windows applications without actually needing Windows.

SCREENSHOTS

Ad


APIthet


DESCRIPTION

APIthet is an application to security test RESTful web APIs. Assessing APIs help in detecting security vulnerabilities at an early stage of the SDLC.

Compare this with assessing an Android application that uses APIs on a backend server. This kind of assessment happens at a much later phase of the SDLC. Even worse, it does not necessarily touch all the APIs.

That's not all. You specify one of the JSON parameters as random. This helps set a unique value for a specific JSON parameter in an API.

The application is available as a Windows exe file..

In progress and planned features:
-More test cases to attack target API.
-Add APIs and define sequence.
-Read APIs from doc link.
-Business Logic test.

TODO: Build for Linux (and may be OS X).



Features

  • XSS - Reflected, Stored and Blind (for JSON payloads in POST calls)
  • XSS - Reflected, Stored and Blind (for URL parameters in GET calls)
  • SQLI - URL based blind SQLI
  • SQLI - Error based
  • CSRF detection
  • CORS detection
  • Unauthorised Access and Privilege Escalation Scenario warnings
  • Warns against Clickjacking
  • Warns against XSS protection header miss
  • Warns if the application is not HSTS enabled
  • HTML injection detection
  • Open Redirect vulnerability detection
  • Warns against server footprint
  • Set a unique/random JSON parameter
  • Reports issues with OWASP and CWE categories


Audience

Security Professionals




Categories

Security, Web Services, JSON

This is an application that can also be fetched from https://sourceforge.net/projects/apithet/. It has been hosted in OnWorks in order to be run online in an easiest way from one of our free Operative Systems.


Free Servers & Workstations

Download Windows & Linux apps

  • 1
    Atom
    Atom
    Atom is a text editor that's
    modern, approachable and full-featured.
    It's also easily customizable- you
    can customize it to do anything and be
    able to ...
    Download Atom
  • 2
    Osu!
    Osu!
    Osu! is a simple rhythm game with a well
    thought out learning curve for players
    of all skill levels. One of the great
    aspects of Osu! is that it is
    community-dr...
    Download Osu!
  • 3
    LIBPNG: PNG reference library
    LIBPNG: PNG reference library
    Reference library for supporting the
    Portable Network Graphics (PNG) format.
    Audience: Developers. Programming
    Language: C. This is an application that
    can also...
    Download LIBPNG: PNG reference library
  • 4
    Metal detector based on  RP2040
    Metal detector based on RP2040
    Based on Raspberry Pi Pico board, this
    metal detector is included in pulse
    induction metal detectors category, with
    well known advantages and disadvantages.
    RP...
    Download Metal detector based on RP2040
  • 5
    PAC Manager
    PAC Manager
    PAC is a Perl/GTK replacement for
    SecureCRT/Putty/etc (linux
    ssh/telnet/... gui)... It provides a GUI
    to configure connections: users,
    passwords, EXPECT regula...
    Download PAC Manager
  • 6
    GeoServer
    GeoServer
    GeoServer is an open-source software
    server written in Java that allows users
    to share and edit geospatial data.
    Designed for interoperability, it
    publishes da...
    Download GeoServer
  • More »

Linux commands

  • 1
    acdtablee
    acdtablee
    acdtable - Generate an HTML table of
    parameters from an application ACD file ...
    Run acdtablee
  • 2
    acdtracee
    acdtracee
    acdtrace - Trace processing of an
    application ACD file (for testing) ...
    Run acdtracee
  • 3
    cpufreq-aperf
    cpufreq-aperf
    cpufreq-aperf - Calculates the average
    frequency over a time period SYNTAX:
    cpufreq-aperf [options] DESCRIPTION: On
    latest processors exist two MSR
    registers r...
    Run cpufreq-aperf
  • 4
    cpufreq-info
    cpufreq-info
    cpufreq-info - Utility to retrieve
    cpufreq kernel information SYNTAX:
    cpufreq-info [options] DESCRIPTION: A
    small tool which prints out cpufreq
    information hel...
    Run cpufreq-info
  • 5
    g.extension.allgrass
    g.extension.allgrass
    g.extension.all - Rebuilds or removes
    all locally installed GRASS Addons
    extensions. By default only extensions
    built against different GIS Library are
    rebuilt...
    Run g.extension.allgrass
  • 6
    g.filenamegrass
    g.filenamegrass
    g.filename - Prints GRASS data base
    file names. KEYWORDS: general, map
    management, scripts ...
    Run g.filenamegrass
  • More »

Ad