testing-api-security-with-owasp-top-10
CommunityDetect OWASP Top 10 vulnerabilities in APIs
AuthorAcczdy
Version1.0.0
Installs0
System Documentation
What problem does it solve?
This Skill provides a structured, repeatable approach to identify common API security weaknesses defined in the OWASP API Security Top 10, reducing the risk of broken authentication, object-level authorization failures, excessive data exposure, SSRF, and related issues that lead to data leaks or privilege escalation.
Core Features & Use Cases
- Automated checks for security headers, CORS misconfigurations, and deprecated API versions to detect misconfiguration and inventory issues.
- Active testing routines for BOLA (IDOR), broken authentication, mass assignment, rate limiting, SSRF, and other OWASP API risks with optional token-based authenticated scans.
- Use Case: run during authorized penetration tests or pre-deployment reviews to map endpoints, fuzz parameters, verify authz/authn controls, and generate a JSON findings report.
Quick Start
Run the agent against the target API with an authorized token to scan endpoints for OWASP API Security Top 10 issues.
Dependency Matrix
Required Modules
requestsurllib3
Components
scriptsreferences
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: testing-api-security-with-owasp-top-10 Download link: https://github.com/Acczdy/MoZiSec/archive/main.zip#testing-api-security-with-owasp-top-10 Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 471,000+ vetted skills library on demand.