Syntribos

Syntribos is an automated API security testing tool.

Given a simple configuration file and an example HTTP request, syntribos can replace any API URL, URL parameter, HTTP header and request body field with a given set of strings. Syntribos iterates through each position in the request automatically. Syntribos aims to automatically detect common security defects such as SQL injection, LDAP injection, buffer overflow, etc. In addition, syntribos can be used to help identify new security defects by automated fuzzing.

Syntribos has the capability to test any API, but is designed with OpenStack applications in mind.

Index

• Syntribos, An Automated API Security Testing Tool
• Installation
• Initializing the syntribos Environment
• Configuration
• Commands
• Running syntribos
• Logging and Results
• Anatomy of a request template

For Developers

• Project Structure
• Contributing Guidelines
• Syntribos Code Documentation
• Unit testing

Project information

• Documentation
• Free software: Apache license
• Launchpad project
• Blueprints
• Bugs
• Source code