Free API Security Tools
Our API security tools are available directly as extensions on the most popular IDE and CI/CD platforms you use on a daily basis. They can be used to create, edit, lint and audit OpenAPI contracts. ย They can also run dynamic testing on the API for security vulnerabilities and conformance to the OpenAPI contract. Our API tools also integrate with multiple gateway, runtime and monitoring platforms.ย The following tools are available either completely free, free with limited use or on free trial. Get started today.
OpenAPI (Swagger) Editor
Create and edit OpenAPI definition files using the Free OpenAPI Swagger editor directly in your favorite IDE. Enjoy features such as Quick fixes, Try it (test live endpoints) and Preview features and supports OpenAPI definition files in JSON or YAML format. Also, lint and audit the OpenAPI file with the API Audit (see below). Join 1M+ other developers using these free extensions.
API Security Testing
The ย API Audit tool audits the OpenAPI contract based on three areas:
- Security
- Data validation
- OpenAPI format.
It provides an instant score out of 100 and offers remediation advice. Fixing security issues at design time greatly enhances the overall security of your API when it comes to the build stage.
API Scan dynamically tests the security of the API and its conformance against the API design / OpenAPI definition. Tests include Request & Response contract violations and Authentication/Authorisation checks. It also allows you to create manual test scenarios for BOLA, BFLA and other custom test scenarios.
The tool is available across a number of platforms: IDE, CI/CD and as part of the 42Crunch Platform. Check out our Freemium offering where we offer API security testing with limited free monthly usage.
IDE
Linked from the 42Crunch OpenAPI (Swagger) Editor
CI/CD
Automatically locates your OpenAPI definition files in your repository and scores each OpenAPI contract.
Ready to Learn More?
Developer-first solution for delivering API security as code.