API Security Simulator

Detect BOLA/IDOR, GraphQL abuse, JWT forgery, rate limit bypass, and API enumeration

MicroSim 47 AppSec OWASP API Top 10

Mission Briefing

You are an application security analyst monitoring the api.acme.example API gateway. Review HTTP request logs and identify attack patterns targeting the OWASP API Security Top 10.

MicroSims | Ch44: Web App Pentesting | Ch30: Application Security | SC-086

API Security Simulator

Mission Briefing

API Gateway Log Monitor

HTTP Request Log

Your Analysis

Simulation Complete