Kshetrajnah · API Security & Compliance Audit
Kshetrajnah  ·  API Security & Compliance Audit

Scan your APIs
the way a real
attacker would.

Kshetrajnah runs 220+ live security tests across 33 modules — every test fires a real HTTP request to your API and captures the evidence. No manual effort. No false negatives accepted. Get a full compliance report across OWASP API Top 10, NIST, CIS, DPDP Act, RBI guidelines, and CERT-In.

220+ Live Security Tests
33 Test Modules
12+ Compliance Frameworks
0 False Negatives Accepted
Watch the explainer
Kshetrajnah — API Security Audit
▶ Watch on YouTube

Every undocumented API
endpoint is an open door.

OWASP API Top 10 · NIST · CIS · DPDP Act · RBI · CERT-In
How it Works

Import once.
Expose everything.

Bring your existing API collection — Kshetrajnah does the rest. Every test fires a live HTTP request and captures the actual server response as evidence.

01
Import Your API

Drop in your Postman collection, OpenAPI / Swagger spec, or Insomnia file. Kshetrajnah auto-parses every endpoint, method, and parameter. No manual configuration required.

02
Run 220+ Live Tests

Each of the 220+ security tests fires a real HTTP request against your API — probing for broken auth, injection, SSRF, rate-limit bypass, mass assignment, shadow endpoints, and 30 other vulnerability classes across 33 modules.

03
Get Your Compliance Report

Every finding maps to the frameworks your auditors check — OWASP API Top 10, NIST, CIS, DPDP Act, RBI guidelines, CERT-In, PCI-DSS, ISO 27001. Exported evidence, prioritised by severity.

What It Tests

33 modules.
Every attack vector covered.

Broken Object Level Auth Broken Auth Broken Function Level Auth SQL Injection NoSQL Injection Command Injection SSRF XXE BOPLA Unrestricted Resource Consumption Rate Limit Bypass Mass Assignment Sensitive Data Exposure JWT Vulnerabilities OAuth Misconfiguration API Key Leakage Shadow / Ghost APIs Excessive Data Exposure Path Traversal CORS Misconfiguration Insecure Deserialization Security Misconfiguration HTTP Method Abuse Header Injection Regex DoS IDOR Business Logic Flaws GraphQL Abuse gRPC Security
0+ Live Tests Real HTTP requests
0 Test Modules Security domains
0+ Frameworks OWASP, NIST, CIS & more
0 False Negatives Accepted
Compliance Mapping

Every finding,
mapped to your frameworks.

Kshetrajnah doesn't just find vulnerabilities — it maps each finding to the specific control it violates, across every framework your auditors care about.

API Security
Attack Frameworks
OWASP API Security Top 10 OWASP Web Top 10 CWE / SANS Top 25 NIST SP 800-53 CIS Controls v8 ISO 27001
India Mandates
Regulatory Requirements
DPDP Act 2023 RBI Cybersecurity Framework CERT-In 2022 Directions SEBI Cybersecurity IRDAI IT Guidelines MeitY API Security
Global Standards
Industry Requirements
PCI-DSS v4 HIPAA SOC 2 Type II GDPR Technical Controls CMMC L2 FedRAMP

Test your APIs.
Today.

By Deccan Infotech (P) Ltd.

Contact us for More information

Connect with our experts to discover how DIPL can enhance your organization’s information security and compliance. Whether you need consultations, audits, or tailored solutions, our team is ready to assist. Schedule your appointment today and take the first step toward securing your digital future.