implementing-api-security-testing-with-42crunch
Community
Detect API security risks from spec to runtime.
Author: Acczdy
Version: 1.0.0
Installs: 0
System Documentation
What problem does it solve?
Helps teams find and fix API security issues early and at runtime by combining static OpenAPI audits with dynamic conformance scans and runtime enforcement, reducing exposure to OWASP API Security risks.
Core Features & Use Cases
- Static API Audit: Analyze OpenAPI v2/v3 specs to surface schema, authentication, transport, and data-exposure issues with remediation guidance.
- Dynamic Conformance Scanning: Execute runtime scans against staging or running APIs to detect OWASP API Top 10 vulnerabilities and generate machine-readable reports.
- CI/CD & Runtime Integration: Integrate audits and scans into GitHub Actions or Jenkins pipelines and deploy API Protect as a micro-gateway for contract enforcement.
- Use Case: Integrate into a CI pipeline so every pull request triggers an OpenAPI audit and prevents merges when the security score falls below the defined threshold.
Quick Start
Run a 42Crunch audit on your OpenAPI file and produce a SARIF or JSON report, supplying authentication tokens if required.
Dependency Matrix
Required Modules
pyyaml
Components
scripts, references
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: implementing-api-security-testing-with-42crunch Download link: https://github.com/Acczdy/MoZiSec/archive/main.zip#implementing-api-security-testing-with-42crunch Please download this .zip file, extract it, and install it in the .claude/skills/ directory.