Skip to content
/ openpen Public

Open source CLI for API fuzzing and penetration testing

License

MIT license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

tjamescouch/openpen

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

12 Commits
owl
owl
 
 
src
src
 
 
.gitignore
.gitignore
 
 
.npmignore
.npmignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
package-lock.json
package-lock.json
 
 
package.json
package.json
 
 
tsconfig.json
tsconfig.json
 
 

Repository files navigation

openpen

Open source CLI for API fuzzing and penetration testing.

Features

  • API fuzzing — Automated endpoint discovery and input mutation
  • Authentication testing — Token handling, session management, auth bypass checks
  • Rate limit detection — Identifies rate limiting behavior and thresholds
  • WebSocket testing — Protocol-level security checks for WS endpoints
  • YAML configs — Define scan targets and test suites declaratively
  • OWASP coverage — Tests aligned with OWASP API Security Top 10

Quick Start

npm install
npm run build

# Run a scan
openpen scan target.yaml

Responsible Use

This software is intended for authorized security testing, research, and development only. Do not use it against systems you do not own or have explicit written permission to test. Users are solely responsible for ensuring their use complies with all applicable laws and regulations. Unauthorized access to computer systems is illegal.

License

MIT

About

Open source CLI for API fuzzing and penetration testing

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

Languages