API Security Checker

Audit API security and identify vulnerabilities based on OWASP Top 10.

Quick Start

Check authentication, validate inputs, prevent SQL injection, implement rate limiting, use HTTPS.

Instructions

OWASP Top 10 for APIs

1. Broken Object Level Authorization:

// Bad: No authorization check
app.get('/api/users/:id', (req, res) => {
  const user = await User.findById(req.params.id);
  res.json(user);
});