0xSs0rZ
More
Search
Ctrl + K
API Discovery
Previous
Checklist
Next
Sensitive Data (API Key, JWT token, etc.) Exposed
Last updated
3 hours ago
Fuzzing
API endpoints
Known API
API Detector
Kiterunner
GraphQL endpoint
API Fuzzing Lists
SquareSec - Cybersecurity Courses
Bug-Bounty-Wordlists/api.txt at main · Karanxa/Bug-Bounty-Wordlists
GitHub
SecLists/api-endpoints.txt at master · danielmiessler/SecLists
GitHub
SecLists/common-api-endpoints-mazen160.txt at master · danielmiessler/SecLists
GitHub
Index of /data/automated/
https://raw.githubusercontent.com/coffinxp/payloads/refs/heads/main/api.txt
GitHub - brinhosa/apidetector: APIDetector: Efficiently scan for exposed Swagger endpoints across web domains and subdomains. Supports HTTP/HTTPS, multi-threading, and flexible input/output options. Ideal for API security testing.
GitHub
GitHub - assetnote/kiterunner: Contextual Content Discovery Tool
GitHub
KiteRunner - Hacker Tools: Next-level API hacking 👩💻
Intigriti
API Discovery with Kiterunner - TCM Security
TCM Security - Penetration Testing & Consulting
GitHub - Escape-Technologies/graphinder: 🕸️ Blazing fast GraphQL endpoints finder using subdomain enumeration, scripts analysis and bruteforce. 🕸️
GitHub
