Free Security Tools
Free tools from 42Crunch that help you deliver security as code
Online Tools

OpenAPI (Swagger) Security Audit
Upload your OpenAPI / Swagger JSON file into our API security tool to get a detailed analysis of the possible vulnerabilities and other issues.
Free Audit
OpenAPI (Swagger) Security Encyclopedia
API Security Encyclopedia collects together information on the risks, guidelines, and recommendations relating to API security.
Explore More
OWASP API Security Top 10 Cheat Sheet
Download our OWASP API Security Top 10 cheat sheet and Learn more about how 42Crunch can protect you from the top 10 API threats.
Learn MoreIDE Tools

OpenAPI (Swagger) Editor for VS Code
This VS Code extension adds rich support for the OpenAPI Specification (OAS) (formerly known as Swagger) in JSON or YAML format.
Get the Extension
OpenAPI (Swagger) Editor for IntelliJ
This IntelliJ extension adds rich support for the OpenAPI Specification (OAS) (formerly known as Swagger) in JSON or YAML format.
Get the Extension
OpenAPI (Swagger) Editor for Eclipse
This Eclipse extension adds rich support for the OpenAPI Specification (OAS) (formerly known as Swagger) in JSON or YAML format.
Get the ExtensionCI/CD Tools

42C Security Audit for Bitbucket
The REST API Static Security Testing pipe lets you add an automatic static application security testing (SAST) task to your CI/CD pipelines.
Get the Extension
42C Security Audit for Jenkins
The REST API Static Security Testing plugin lets you add an automatic static application security testing (SAST) task to your CI/CD pipelines.
Get the Extension
42C Security Audit for Azure Pipelines
This REST API static security testing tool allows you to add automated static application security testing tasks to your CI/CD pipeline runs.
Get the Extension
42C Security Audit for Bamboo
You can integrate API Contract Security Audit in Atlassian Bamboo through the 42C REST API Static Security Testing app.
Get the Extension
42C Security Audit for GitHub Actions
The REST API Static Security Testing action lets you add an automatic static application security testing (SAST) task to your CI/CD workflows.
Get the Extension
42C Security Audit for SonarQube
The REST API Static Security Testing action lets you add an automatic static application security testing (SAST) task to your CI/CD workflows.
Get the ExtensionAPI Firewall

API Firewall Container for Azure Kubernetes
42Crunch brings agility and scale to API threat protection with this API firewall container to protect microservices in Kubernetes/AKS.
Get the FirewallReady to Get Started?
Developer-first solution for delivering API security as code.