Pricing type: Free
A CLI tool that helps you avoid undefined user behaviour by validating your API specifications.
See the website


Cherrybomb reads your API spec file (Open API Specification) and validates it for best practices and the OAS specification, then it tests to verify that the API follows the OAS file and tests for common vulnerabilities. The output is a detailed table with any issues found, guiding you to the exact problem and location to help you solve it quickly.

Related tools (Security Testing)


Browser templates for Browser In The Browser (BITB) attack.

Lint an npm or Yarn lockfile to analyze and detect security issues via predefined security policies.

An on-path blackbox network traffic security testing tool


Automate web applications security assessments