Press Release

BLST Security – Firecracker

Use your HTTP logs, map your API, review, attack it and find anomalies.

Firecracker* is the first version of BLST Security’s open-sourced CLI.

Tel Aviv, Israel: BLST Security announced Firecracker, a new CLI tool that protects organizations from logical flaws, it provides an intelligent attacker that simulates business flows in your API.

This CLI tool provides a detailed analysis of existing attack surfaces, vulnerable flows, simplifies, and visualizes the architecture of the API.

Guy Levinger, BLST Security’s CTO says “Firecracker is the only open-source solution currently in the market trying to solve the broken API logic problem” and concluded that “this is the new generation of cyber security attacks and defense mechanisms, this tool is just the tip of the iceberg, we (BLST Security) plan to spearhead the worldwide progress exploring this new attack surface”.

Features and benefits of Firecracker include:

  • API logic flow visibility
  • User behavior anomaly detection
  • Easy installation and integration into current environments
  • Intuitive interface

Firecracker is available for download at (the installable binary version).

You can also access the code and build it yourself using GitHub by following this link:, visit for more information.

About BLST Security: BLST is a young startup company that is developing new security tools dedicated to solving the API security problem where the main focus at this time is finding broken logic in the API and mapping it, with an easy-to-use & integrate platform, ultimately leading to our directive – Know your logic. Stay Secure.

*The name Firecracker was changed to Cherrybomb – 31/01/2022
Validate your OAS file online
• Powered by BLST Security
Expand Your API Knowledge
API penetration testing
API Penetration Testing

API Penetration testing is a digital “tune-up” meant to pinpoint vulnerabilities in your API that a hacker might exploit.

Strava data breach
Strava data breach

Using the fitness-tracking app Strava, malicious users have been spying on Israeli military and Mosaad personnel.

Share this article
Subscribe for weekly API Security news