Metlo

It is the only complete API development environment, used by nearly five million developers and more than 100,000 companies worldwide.

It is a robust, commercial-grade, and full-featured toolkit for the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols. It is also a general-purpose cryptography library.

It is a free, automated, and open certificate authority brought to you by the non-profit Internet Security Research Group (ISRG).

Insomnia is a powerful REST API Client with cookie management, environment variables, code generation, and authentication for Mac, Window, and Linux.

It is probably the most popular HTTP client library for .NET. Featuring automatic serialization and deserialization, request and response type detection, variety of authentications and other useful features

It is a publicly available application programming interface that provides developers with programmatic access to a proprietary software application or web service.

Ensighten is a comprehensive website security company, offering next generation compliance, enforcement and client-side protection against data loss, ad injection and intrusion.

Retrofit turns your HTTP API into a Java interface

It is a free service that protects your website from spam and abuse. It uses an advanced risk analysis engine and adaptive CAPTCHAs to keep automated software from engaging in abusive activities on your site. It does this while letting your valid users pass through with ease.

It defines a standard, language-agnostic interface to RESTful APIs which allows both humans and computers to discover and understand the capabilities of the service without access to source code, documentation, or through network traffic inspection.

It is an open source functional Testing tool for API Testing. It supports multiple protocols such as SOAP, REST, HTTP, JMS, AMF and JDBC. It supports functional tests, security tests, and virtualization.

API management, design, analytics, and security are at the heart of modern digital architecture. The Apigee intelligent API platform is a complete solution for moving business to the digital world.

Paw is a full-featured and beautifully designed Mac app that makes interaction with REST services delightful. Either you are an API maker or consumer, Paw helps you build HTTP requests, inspect the server's response and even generate client code.

It is a Swift-based HTTP networking library for iOS and macOS. It provides an elegant interface on top of Apple's Foundation networking stack that simplifies a number of common networking tasks.

It is an open source project which allows generation of API client libraries (SDK generation), server stubs, and documentation automatically from an OpenAPI Specification.

AWS WAF is a web application firewall that helps protect your web applications from common web exploits that could affect application availability, compromise security, or consume excessive resources.

We make the best rated Two-Factor Authentication smartphone app for consumers, a Rest API for developers and a strong authentication platform for the enterprise.

Combines API test-automation, mocks and performance-testing into a single, unified framework. The BDD syntax popularized by Cucumber is language-neutral, and easy for even non-programmers. Besides powerful JSON & XML assertions, you can run tests in parallel for speed - which is critical for HTTP API testing.

RESTful API Modeling Language (RAML) makes it easy to manage the whole API lifecycle from design to sharing. It's concise - you only write what you need to define - and reusable. It is machine readable API design that is actually human friendly.

It is a free, open source and enterprise-ready security monitoring solution for threat detection, integrity monitoring, incident response and compliance.

Charles is a web proxy (HTTP Proxy / HTTP Monitor) that runs on your own computer. Your web browser (or any other Internet application) is then configured to access the Internet through Charles, and Charles is then able to record and display for you all of the data that is sent and received.

Created with <3 for front-end developers who need a quick back-end for prototyping and mocking.

Keep tabs on all aspects of your API's performance with uptime monitoring, integration testing, logging and real-time monitoring.

Sqreen is a security platform that helps engineering team protect their web applications, API and micro-services in real-time. The solution installs with a simple application library and doesn't require engineering resources to operate. Security anomalies triggered are reported with technical context to help engineers fix the code. Ops team can assess the impact of attacks and monitor suspicious user accounts involved.

Newman is a command-line collection runner for Postman. It allows you to effortlessly run and test a Postman collection directly from the command-line. It is built with extensibility in mind so that you can easily integrate it with your continuous integration servers and build systems.

The automatic type-safe REST library for .NET Core, Xamarin and .NET. Heavily inspired by Square's Retrofit library, It turns your REST API into a live interface.

It is a free web debugging proxy for any browser, system or platform. It helps you debug web applications by capturing network traffic between the Internet and test computers. The tool enables you to inspect incoming and outgoing data to monitor and modify requests and responses before the browser receives them.

Stop writing thousands of lines of specification code. Our intuitive visual editors significantly cut down on design time, and are spec agnostic. Generate OAI (Swagger) and RAML specification code on demand.

It is an open source firewall/router computer software distribution based on FreeBSD. It is installed on a physical computer or a virtual machine to make a dedicated firewall/router for a network.

It is the premier connectivity tool for remote login with the SSH protocol. It encrypts all traffic to eliminate eavesdropping, connection hijacking, and other attacks. In addition, OpenSSH provides a large suite of secure tunneling capabilities, several authentication methods, and sophisticated configuration options.

API Blueprint is simple and accessible to everybody involved in the API lifecycle. Its syntax is concise yet expressive. With API Blueprint you can quickly design and prototype APIs to be created or document and test already deployed mission-critical APIs.

It is a complete, modern, intuitive and scalable API platform that lets you create, securely expose, manage and monetize APIs across clouds so that you and your customers can power digital applications and spur innovation.

Appwrite's open-source platform lets you add Auth, DBs, Functions and Storage to your product and build any application at any scale, own your data, and use your preferred coding languages and tools.

It delivers the only complete open source middleware platform. With its revolutionary componentized design, it is also the only open source platform-as-a-service for private and public clouds available today. With it, seamless migration and integration between servers, private clouds, and public clouds is now a reality.

It is a provider of state-of-the-art application security solution: static code analysis software, seamlessly integrated into development process.

Generate real Swagger/OpenAPI 2.0 specifications from a Django Rest Framework API.

HTTP is the way modern applications network. It’s how we exchange data & media. Doing HTTP efficiently makes your stuff load faster and saves bandwidth.

It is an integrated API Development platform, built for teams, that brings the core capabilities of the Swagger framework to design, build, document and deploy APIs.

It seamlessly integrates application security into the software lifecycle, effectively eliminating vulnerabilities during the lowest-cost point in the development/deployment chain, and blocking threats while in production.

Legible & concise status badges for third-party codebase services.

It is an intrusion prevention software framework that protects computer servers from brute-force attacks. Written in the Python programming language, it is able to run on POSIX systems that have an interface to a packet-control system or firewall installed locally, for example, iptables or TCP Wrapper.

It allows you to easily build & consume fully typesafe APIs without schemas or code generation. It is well-tested and production ready. Experience the full power of TypeScript inference to boost productivity for your full-stack application.

Its core functionality is to create an API that acts as an aggregator of many microservices into single endpoints, doing the heavy-lifting automatically for you: aggregate, transform, filter, decode, throttle, auth and more.

It is a code-first tool for testing HTTP and message integrations using contract tests. Contract tests assert that inter-application messages conform to a shared understanding that is documented in a contract. Without contract testing, the only way to ensure that applications will work correctly together is by using expensive and brittle integration tests.

It is a free, fast, and beautiful alternative to Postman. It helps you create your requests faster, saving you precious time on your development.

It is a simple and comprehensive vulnerability scanner for containers and other artifacts. It detects vulnerabilities of OS packages (Alpine, RHEL, CentOS, etc.) and application dependencies (Bundler, Composer, npm, yarn, etc.). It is easy to use. Just install the binary and you're ready to scan. All you need to do for scanning is to specify a target such as an image name of the container.

It is a cloud-native endpoint security platform combines Next-Gen Av, EDR, Threat Intelligence, Threat Hunting, and much more.

It is a free, fast and beautiful API request builder. It helps you create requests faster, saving precious time on development

It is an open source antivirus engine for detecting trojans, viruses, malware & other malicious threats.

It provides true integration and automation across an organization’s security infrastructure, delivering unparalleled protection and visibility to every network segment, device, and appliance, whether virtual, in the cloud, or on-premises.