1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
//! OWASP API Security Top 10 (2023) Testing Module
//!
//! This module provides automated security testing based on the
//! OWASP API Security Top 10 (2023) categories:
//!
//! - **API1**: Broken Object Level Authorization (BOLA)
//! - **API2**: Broken Authentication
//! - **API3**: Broken Object Property Level Authorization
//! - **API4**: Unrestricted Resource Consumption
//! - **API5**: Broken Function Level Authorization
//! - **API6**: Unrestricted Access to Sensitive Business Flows
//! - **API7**: Server Side Request Forgery (SSRF)
//! - **API8**: Security Misconfiguration
//! - **API9**: Improper Inventory Management
//! - **API10**: Unsafe Consumption of APIs
//!
//! # Usage
//!
//! ```bash
//! # Full OWASP API Top 10 scan
//! mockforge bench --spec api.yaml --target https://api.example.com \
//! --owasp-api-top10 \
//! --owasp-auth-header "Authorization"
//!
//! # Specific categories only
//! mockforge bench --spec api.yaml --target https://api.example.com \
//! --owasp-api-top10 \
//! --owasp-categories "api1,api2,api7"
//! ```
//!
//! # Example
//!
//! ```ignore
//! use mockforge_bench::owasp_api::{OwaspApiConfig, OwaspCategory};
//!
//! let config = OwaspApiConfig::new()
//! .with_categories([OwaspCategory::Api1Bola, OwaspCategory::Api7Ssrf])
//! .with_auth_header("X-Auth-Token")
//! .with_valid_auth_token("Bearer secret123");
//!
//! // Generate k6 test script
//! let generator = OwaspApiGenerator::new(config, &spec);
//! let script = generator.generate()?;
//! ```
// Re-export commonly used types
pub use ;
pub use ;
pub use OwaspApiGenerator;
pub use ;
pub use ;
pub use ;