·pentest-api-deep
!

pentest-api-deep

jd-opensource/joysafeterGitHub: jd-opensource/joysafeterSource: jd-opensource/joysafeter

Deep OWASP API Security Top 10 testing for REST, GraphQL, gRPC, and WebSocket APIs — BFLA, mass assignment, rate limiting, and unsafe consumption.

jd-opensource·pentest·api·deep
20Installs·2Trend·@jd-opensource

Installation

GitHub: jd-opensource/joysafeter
$npx skills add https://github.com/jd-opensource/joysafeter --skill pentest-api-deep

How to Install pentest-api-deep

Quickly install pentest-api-deep AI skill to your development environment via command line

  1. Open Terminal: Open your terminal or command line tool (Terminal, iTerm, Windows Terminal, etc.)
  2. Run Installation Command: Copy and run this command: npx skills add https://github.com/jd-opensource/joysafeter --skill pentest-api-deep
  3. Verify Installation: Once installed, the skill will be automatically configured in your AI coding environment and ready to use in Claude Code, Cursor, or OpenClaw

Source: jd-opensource/joysafeter.

SKILL.md

View raw

Purpose Perform dedicated API-specific vulnerability testing beyond basic BOLA/GraphQL coverage. Addresses Broken Function Level Authorization (BFLA), mass assignment, rate limiting, excessive data exposure, and unsafe consumption per OWASP API Security Top 10 (2023).

| API1 Broken Object Level Authorization | IDOR via API params | ✅ | | API2 Broken Authentication | Token/key weaknesses | ✅ | | API3 Broken Object Property Level Authorization | Mass assignment, excessive data | ✅ | | API4 Unrestricted Resource Consumption | Rate limits, complexity | ✅ |

| API5 Broken Function Level Authorization | BFLA, method switching | ✅ | | API6 Unrestricted Access to Sensitive Business Flows | Automation abuse | ✅ | | API7 Server Side Request Forgery | API-triggered SSRF | ✅ | | API8 Security Misconfiguration | CORS, headers, versioning | ✅ | | API9 Improper Inventory Management | Shadow APIs, deprecated versions | ✅ |

Facts (cite-ready)

Stable fields and commands for AI/search citations.

Install command
npx skills add https://github.com/jd-opensource/joysafeter --skill pentest-api-deep
Source
jd-opensource/joysafeter
Category
!Security
Verified
First Seen
2026-02-26
Updated
2026-03-10
URL
https://www.learn-skills.dev/en/skills/jd-opensource/joysafeter/pentest-api-deep

Browse more skills from jd-opensource/joysafeter

Quick answers

What is pentest-api-deep?

Deep OWASP API Security Top 10 testing for REST, GraphQL, gRPC, and WebSocket APIs — BFLA, mass assignment, rate limiting, and unsafe consumption. Source: jd-opensource/joysafeter.

How do I install pentest-api-deep?

Open your terminal or command line tool (Terminal, iTerm, Windows Terminal, etc.) Copy and run this command: npx skills add https://github.com/jd-opensource/joysafeter --skill pentest-api-deep Once installed, the skill will be automatically configured in your AI coding environment and ready to use in Claude Code, Cursor, or OpenClaw

Where is the source repository?

https://github.com/jd-opensource/joysafeter

Details

Category
!Security
Source
skills.sh
First Seen
2026-02-26

Related Skills

pentest-mobile-app
30 Installs
pentest-osint-recon
30 Installs
pentest-exploit-validation
27 Installs
pentest-ctf-binary
26 Installs
pentest-whitebox-code-review
24 Installs
pentest-business-logic
23 Installs