{"id":31559,"date":"2023-12-20T05:39:42","date_gmt":"2023-12-20T05:39:42","guid":{"rendered":"https:\/\/kalilinuxtutorials.com\/?p=31559"},"modified":"2023-12-20T05:39:46","modified_gmt":"2023-12-20T05:39:46","slug":"apidetector","status":"publish","type":"post","link":"https:\/\/kalilinuxtutorials.com\/apidetector\/","title":{"rendered":"APIDetector: Uncovering Swagger Endpoint Risks and How to Secure Your API"},"content":{"rendered":"\n<p>APIDetector is a powerful and efficient tool designed for testing exposed Swagger endpoints in various subdomains with unique smart capabilities to detect false-positives. It&#8217;s particularly useful for security professionals and developers who are engaged in API testing and vulnerability scanning.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><a href=\"https:\/\/github.com\/brinhosa\/apidetector#features\"><\/a><strong>Features<\/strong><\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Flexible Input<\/strong>: Accepts a single domain or a list of subdomains from a file.<\/li>\n\n\n\n<li><strong>Multiple Protocols<\/strong>: Option to test endpoints over both HTTP and HTTPS.<\/li>\n\n\n\n<li><strong>Concurrency<\/strong>: Utilizes multi-threading for faster scanning.<\/li>\n\n\n\n<li><strong>Customizable Output<\/strong>: Save results to a file or print to stdout.<\/li>\n\n\n\n<li><strong>Verbose and Quiet Modes<\/strong>: Default verbose mode for detailed logs, with an option for quiet mode.<\/li>\n\n\n\n<li><strong>Custom User-Agent<\/strong>: Ability to specify a custom User-Agent for requests.<\/li>\n\n\n\n<li><strong>Smart Detection of False-Positives<\/strong>: Ability to detect most false-positives.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\"><a href=\"https:\/\/github.com\/brinhosa\/apidetector#getting-started\"><\/a><strong>Getting Started<\/strong><\/h2>\n\n\n\n<h3 class=\"wp-block-heading\"><a href=\"https:\/\/github.com\/brinhosa\/apidetector#prerequisites\"><\/a><strong>Prerequisites<\/strong><\/h3>\n\n\n\n<p>Before running APIDetector, ensure you have Python 3.x and pip installed on your system. You can download Python&nbsp;<a href=\"https:\/\/www.python.org\/downloads\/\">here<\/a>.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><a href=\"https:\/\/github.com\/brinhosa\/apidetector#installation\"><\/a><strong>Installation<\/strong><\/h3>\n\n\n\n<p>Clone the APIDetector repository to your local machine using:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>git clone https:\/\/github.com\/brinhosa\/apidetector.git\r\ncd apidetector\r\npip install requests <\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>Usage<\/strong><\/h3>\n\n\n\n<p>Run APIDetector using the command line. Here are some usage examples:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Common usage, scan with 30 threads a list of subdomains using a Chrome user-agent and save the results in a file:<\/li>\n<\/ul>\n\n\n\n<pre class=\"wp-block-code\"><code>python apidetector.py -i list_of_company_subdomains.txt -o results_file.txt -t 30 -ua \"Mozilla\/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/90.0.4430.212 Safari\/537.36\"<\/code><\/pre>\n\n\n\n<p>To scan a single domain:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>python apidetector.py -d example.com<\/code><\/pre>\n\n\n\n<p>To scan multiple domains from a file:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>python apidetector.py -i input_file.txt<\/code><\/pre>\n\n\n\n<p>To specify an output file:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>python apidetector.py -i input_file.txt -o output_file.txt<\/code><\/pre>\n\n\n\n<p>To use a specific number of threads:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>python apidetector.py -i input_file.txt -t 20<\/code><\/pre>\n\n\n\n<p>To scan with both HTTP and HTTPS protocols:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>python apidetector.py -m -d example.com<\/code><\/pre>\n\n\n\n<p>To run the script in quiet mode (suppress verbose output):<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>python apidetector.py -q -d example.com<\/code><\/pre>\n\n\n\n<p>To run the script with a custom user-agent:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>python apidetector.py -d example.com -ua \"Mozilla\/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/90.0.4430.212 Safari\/537.36\"<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>Options<\/strong><\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><code>-d<\/code>,&nbsp;<code>--domain<\/code>: Single domain to test.<\/li>\n\n\n\n<li><code>-i<\/code>,&nbsp;<code>--input<\/code>: Input file containing subdomains to test.<\/li>\n\n\n\n<li><code>-o<\/code>,&nbsp;<code>--output<\/code>: Output file to write valid URLs to.<\/li>\n\n\n\n<li><code>-t<\/code>,&nbsp;<code>--threads<\/code>: Number of threads to use for scanning (default is 10).<\/li>\n\n\n\n<li><code>-m<\/code>,&nbsp;<code>--mixed-mode<\/code>: Test both HTTP and HTTPS protocols.<\/li>\n\n\n\n<li><code>-q<\/code>,&nbsp;<code>--quiet<\/code>: Disable verbose output (default mode is verbose).<\/li>\n\n\n\n<li><code>-ua<\/code>,&nbsp;<code>--user-agent<\/code>: Custom User-Agent string for requests.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\"><a href=\"https:\/\/github.com\/brinhosa\/apidetector#risk-details-of-each-endpoint-apidetector-finds\"><\/a><strong>RISK DETAILS OF EACH ENDPOINT APIDETECTOR FINDS<\/strong><\/h3>\n\n\n\n<p>Exposing Swagger or OpenAPI documentation endpoints can present various risks, primarily related to information disclosure. Here&#8217;s an ordered list based on potential risk levels, with similar endpoints grouped together APIDetector scans:<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><a href=\"https:\/\/github.com\/brinhosa\/apidetector#1-high-risk-endpoints-direct-api-documentation\"><\/a><strong>1. High-Risk Endpoints (Direct API Documentation):<\/strong><\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Endpoints:<\/strong>\n<ul class=\"wp-block-list\">\n<li><code>'\/swagger-ui.html'<\/code>,&nbsp;<code>'\/swagger-ui\/'<\/code>,&nbsp;<code>'\/swagger-ui\/index.html'<\/code>,&nbsp;<code>'\/api\/swagger-ui.html'<\/code>,&nbsp;<code>'\/documentation\/swagger-ui.html'<\/code>,&nbsp;<code>'\/swagger\/index.html'<\/code>,&nbsp;<code>'\/api\/docs'<\/code>,&nbsp;<code>'\/docs'<\/code>,&nbsp;<code>'\/api\/swagger-ui'<\/code>,&nbsp;<code>'\/documentation\/swagger-ui'<\/code><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li><strong>Risk<\/strong>:\n<ul class=\"wp-block-list\">\n<li>These endpoints typically serve the Swagger UI interface, which provides a complete overview of all API endpoints, including request formats, query parameters, and sometimes even example requests and responses.<\/li>\n\n\n\n<li><strong>Risk Level<\/strong>: High. Exposing these gives potential attackers detailed insights into your API structure and potential attack vectors.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\"><a href=\"https:\/\/github.com\/brinhosa\/apidetector#2-medium-high-risk-endpoints-api-schemaspecification\"><\/a><strong>2. Medium-High Risk Endpoints (API Schema\/Specification):<\/strong><\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Endpoints<\/strong>:\n<ul class=\"wp-block-list\">\n<li><code>'\/openapi.json'<\/code>,&nbsp;<code>'\/swagger.json'<\/code>,&nbsp;<code>'\/api\/swagger.json'<\/code>,&nbsp;<code>'\/swagger.yaml'<\/code>,&nbsp;<code>'\/swagger.yml'<\/code>,&nbsp;<code>'\/api\/swagger.yaml'<\/code>,&nbsp;<code>'\/api\/swagger.yml'<\/code>,&nbsp;<code>'\/api.json'<\/code>,&nbsp;<code>'\/api.yaml'<\/code>,&nbsp;<code>'\/api.yml'<\/code>,&nbsp;<code>'\/documentation\/swagger.json'<\/code>,&nbsp;<code>'\/documentation\/swagger.yaml'<\/code>,&nbsp;<code>'\/documentation\/swagger.yml'<\/code><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li><strong>Risk<\/strong>:\n<ul class=\"wp-block-list\">\n<li>These endpoints provide raw Swagger\/OpenAPI specification files. They contain detailed information about the API endpoints, including paths, parameters, and sometimes authentication methods.<\/li>\n\n\n\n<li><strong>Risk Level<\/strong>: Medium-High. While they require more interpretation than the UI interfaces, they still reveal extensive information about the API.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\"><a href=\"https:\/\/github.com\/brinhosa\/apidetector#3-medium-risk-endpoints-api-documentation-versions\"><\/a><strong>3. Medium Risk Endpoints (API Documentation Versions):<\/strong><\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Endpoints<\/strong>:\n<ul class=\"wp-block-list\">\n<li><code>'\/v2\/api-docs'<\/code>,&nbsp;<code>'\/v3\/api-docs'<\/code>,&nbsp;<code>'\/api\/v2\/swagger.json'<\/code>,&nbsp;<code>'\/api\/v3\/swagger.json'<\/code>,&nbsp;<code>'\/api\/v1\/documentation'<\/code>,&nbsp;<code>'\/api\/v2\/documentation'<\/code>,&nbsp;<code>'\/api\/v3\/documentation'<\/code>,&nbsp;<code>'\/api\/v1\/api-docs'<\/code>,&nbsp;<code>'\/api\/v2\/api-docs'<\/code>,&nbsp;<code>'\/api\/v3\/api-docs'<\/code>,&nbsp;<code>'\/swagger\/v2\/api-docs'<\/code>,&nbsp;<code>'\/swagger\/v3\/api-docs'<\/code>,&nbsp;<code>'\/swagger-ui.html\/v2\/api-docs'<\/code>,&nbsp;<code>'\/swagger-ui.html\/v3\/api-docs'<\/code>,&nbsp;<code>'\/api\/swagger\/v2\/api-docs'<\/code>,&nbsp;<code>'\/api\/swagger\/v3\/api-docs'<\/code><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li><strong>Risk<\/strong>:\n<ul class=\"wp-block-list\">\n<li>These endpoints often refer to version-specific documentation or API descriptions. They reveal information about the API&#8217;s structure and capabilities, which could aid an attacker in understanding the API&#8217;s functionality and potential weaknesses.<\/li>\n\n\n\n<li><strong>Risk Level<\/strong>: Medium. These might not be as detailed as the complete documentation or schema files, but they still provide useful information for attackers.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\"><a href=\"https:\/\/github.com\/brinhosa\/apidetector#4-lower-risk-endpoints-configuration-and-resources\"><\/a><strong>4. Lower Risk Endpoints (Configuration and Resources):<\/strong><\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Endpoints<\/strong>:\n<ul class=\"wp-block-list\">\n<li><code>'\/swagger-resources'<\/code>,&nbsp;<code>'\/swagger-resources\/configuration\/ui'<\/code>,&nbsp;<code>'\/swagger-resources\/configuration\/security'<\/code>,&nbsp;<code>'\/api\/swagger-resources'<\/code>,&nbsp;<code>'\/api.html'<\/code><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li><strong>Risk<\/strong>:\n<ul class=\"wp-block-list\">\n<li>These endpoints often provide auxiliary information, configuration details, or resources related to the API documentation setup.<\/li>\n\n\n\n<li><strong>Risk Level<\/strong>: Lower. They may not directly reveal API endpoint details but can give insights into the configuration and setup of the API documentation.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>APIDetector is a powerful and efficient tool designed for testing exposed Swagger endpoints in various subdomains with unique smart capabilities to detect false-positives. It&#8217;s particularly useful for security professionals and developers who are engaged in API testing and vulnerability scanning. Features Getting Started Prerequisites Before running APIDetector, ensure you have Python 3.x and pip installed [&hellip;]<\/p>\n","protected":false},"author":12,"featured_media":31561,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgSzoorD45JtRuB7052ZMl6CWuI7rk-VaDYDFyU8IuLGmaBVlR1ruGDx6A1qiPJfrcbPl0v_2BYmWPHiZDvGMjTaCHPFFYmjSOAT-4kSX6sKi1lFkd8zA1WmwQ2mHbsFLlldbEaOevk3tPd81Xh-LIMyt8UnW9xXA_7owtRjUjNlrJt0O5rPt7rCcj_qQ\/s16000\/APIDetector.webp","fifu_image_alt":"","_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[20],"tags":[6472,737,6321,6052,6325],"class_list":["post-31559","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cyber-security","tag-apidetector","tag-cybersecurity","tag-informationsecurity","tag-kalilinux","tag-kalilinuxtools"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>APIDetector<\/title>\n<meta name=\"description\" content=\"APIDetector is a powerful and efficient tool designed for testing exposed Swagger endpoints in various subdomains with unique smart\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/kalilinuxtutorials.com\/apidetector\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"APIDetector\" \/>\n<meta property=\"og:description\" content=\"APIDetector is a powerful and efficient tool designed for testing exposed Swagger endpoints in various subdomains with unique smart\" \/>\n<meta property=\"og:url\" content=\"https:\/\/kalilinuxtutorials.com\/apidetector\/\" \/>\n<meta property=\"og:site_name\" content=\"Kali Linux Tutorials\" \/>\n<meta property=\"article:published_time\" content=\"2023-12-20T05:39:42+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-12-20T05:39:46+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgSzoorD45JtRuB7052ZMl6CWuI7rk-VaDYDFyU8IuLGmaBVlR1ruGDx6A1qiPJfrcbPl0v_2BYmWPHiZDvGMjTaCHPFFYmjSOAT-4kSX6sKi1lFkd8zA1WmwQ2mHbsFLlldbEaOevk3tPd81Xh-LIMyt8UnW9xXA_7owtRjUjNlrJt0O5rPt7rCcj_qQ\/s16000\/APIDetector.webp\" \/>\n<meta name=\"author\" content=\"Varshini\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgSzoorD45JtRuB7052ZMl6CWuI7rk-VaDYDFyU8IuLGmaBVlR1ruGDx6A1qiPJfrcbPl0v_2BYmWPHiZDvGMjTaCHPFFYmjSOAT-4kSX6sKi1lFkd8zA1WmwQ2mHbsFLlldbEaOevk3tPd81Xh-LIMyt8UnW9xXA_7owtRjUjNlrJt0O5rPt7rCcj_qQ\/s16000\/APIDetector.webp\" \/>\n<meta name=\"twitter:creator\" content=\"@CyberEdition\" \/>\n<meta name=\"twitter:site\" content=\"@CyberEdition\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Varshini\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/apidetector\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/apidetector\/\"},\"author\":{\"name\":\"Varshini\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/3c3b3f82a74146532c4def299fe069fa\"},\"headline\":\"APIDetector: Uncovering Swagger Endpoint Risks and How to Secure Your API\",\"datePublished\":\"2023-12-20T05:39:42+00:00\",\"dateModified\":\"2023-12-20T05:39:46+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/apidetector\/\"},\"wordCount\":595,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/apidetector\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgSzoorD45JtRuB7052ZMl6CWuI7rk-VaDYDFyU8IuLGmaBVlR1ruGDx6A1qiPJfrcbPl0v_2BYmWPHiZDvGMjTaCHPFFYmjSOAT-4kSX6sKi1lFkd8zA1WmwQ2mHbsFLlldbEaOevk3tPd81Xh-LIMyt8UnW9xXA_7owtRjUjNlrJt0O5rPt7rCcj_qQ\/s16000\/APIDetector.webp\",\"keywords\":[\"APIDetector\",\"cybersecurity\",\"informationsecurity\",\"kalilinux\",\"kalilinuxtools\"],\"articleSection\":[\"Cyber security\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/kalilinuxtutorials.com\/apidetector\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/apidetector\/\",\"url\":\"https:\/\/kalilinuxtutorials.com\/apidetector\/\",\"name\":\"APIDetector\",\"isPartOf\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/apidetector\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/apidetector\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgSzoorD45JtRuB7052ZMl6CWuI7rk-VaDYDFyU8IuLGmaBVlR1ruGDx6A1qiPJfrcbPl0v_2BYmWPHiZDvGMjTaCHPFFYmjSOAT-4kSX6sKi1lFkd8zA1WmwQ2mHbsFLlldbEaOevk3tPd81Xh-LIMyt8UnW9xXA_7owtRjUjNlrJt0O5rPt7rCcj_qQ\/s16000\/APIDetector.webp\",\"datePublished\":\"2023-12-20T05:39:42+00:00\",\"dateModified\":\"2023-12-20T05:39:46+00:00\",\"description\":\"APIDetector is a powerful and efficient tool designed for testing exposed Swagger endpoints in various subdomains with unique smart\",\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/kalilinuxtutorials.com\/apidetector\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/apidetector\/#primaryimage\",\"url\":\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgSzoorD45JtRuB7052ZMl6CWuI7rk-VaDYDFyU8IuLGmaBVlR1ruGDx6A1qiPJfrcbPl0v_2BYmWPHiZDvGMjTaCHPFFYmjSOAT-4kSX6sKi1lFkd8zA1WmwQ2mHbsFLlldbEaOevk3tPd81Xh-LIMyt8UnW9xXA_7owtRjUjNlrJt0O5rPt7rCcj_qQ\/s16000\/APIDetector.webp\",\"contentUrl\":\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgSzoorD45JtRuB7052ZMl6CWuI7rk-VaDYDFyU8IuLGmaBVlR1ruGDx6A1qiPJfrcbPl0v_2BYmWPHiZDvGMjTaCHPFFYmjSOAT-4kSX6sKi1lFkd8zA1WmwQ2mHbsFLlldbEaOevk3tPd81Xh-LIMyt8UnW9xXA_7owtRjUjNlrJt0O5rPt7rCcj_qQ\/s16000\/APIDetector.webp\",\"width\":\"728\",\"height\":\"380\"},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#website\",\"url\":\"https:\/\/kalilinuxtutorials.com\/\",\"name\":\"Kali Linux Tutorials\",\"description\":\"Kali Linux Tutorials\",\"publisher\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/kalilinuxtutorials.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\",\"name\":\"Kali Linux Tutorials\",\"url\":\"https:\/\/kalilinuxtutorials.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png\",\"contentUrl\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png\",\"width\":272,\"height\":90,\"caption\":\"Kali Linux Tutorials\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/CyberEdition\",\"https:\/\/www.threads.com\/@cybersecurityedition\",\"https:\/\/www.linkedin.com\/company\/cyberedition\",\"https:\/\/www.instagram.com\/cybersecurityedition\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/3c3b3f82a74146532c4def299fe069fa\",\"name\":\"Varshini\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/f19f43637c0f83fb3dcfb498f306b2a9ac0025ce85840ab52ee8c01f5361f269?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/f19f43637c0f83fb3dcfb498f306b2a9ac0025ce85840ab52ee8c01f5361f269?s=96&d=mm&r=g\",\"caption\":\"Varshini\"},\"description\":\"Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.\",\"sameAs\":[\"http:\/\/kalilinuxtutorials.com\",\"https:\/\/www.linkedin.com\/in\/senthamil-selvan-14043a285\/\"],\"url\":\"https:\/\/kalilinuxtutorials.com\/author\/vinayakagrawal\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"APIDetector","description":"APIDetector is a powerful and efficient tool designed for testing exposed Swagger endpoints in various subdomains with unique smart","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/kalilinuxtutorials.com\/apidetector\/","og_locale":"en_US","og_type":"article","og_title":"APIDetector","og_description":"APIDetector is a powerful and efficient tool designed for testing exposed Swagger endpoints in various subdomains with unique smart","og_url":"https:\/\/kalilinuxtutorials.com\/apidetector\/","og_site_name":"Kali Linux Tutorials","article_published_time":"2023-12-20T05:39:42+00:00","article_modified_time":"2023-12-20T05:39:46+00:00","og_image":[{"url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgSzoorD45JtRuB7052ZMl6CWuI7rk-VaDYDFyU8IuLGmaBVlR1ruGDx6A1qiPJfrcbPl0v_2BYmWPHiZDvGMjTaCHPFFYmjSOAT-4kSX6sKi1lFkd8zA1WmwQ2mHbsFLlldbEaOevk3tPd81Xh-LIMyt8UnW9xXA_7owtRjUjNlrJt0O5rPt7rCcj_qQ\/s16000\/APIDetector.webp","type":"","width":"","height":""}],"author":"Varshini","twitter_card":"summary_large_image","twitter_image":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgSzoorD45JtRuB7052ZMl6CWuI7rk-VaDYDFyU8IuLGmaBVlR1ruGDx6A1qiPJfrcbPl0v_2BYmWPHiZDvGMjTaCHPFFYmjSOAT-4kSX6sKi1lFkd8zA1WmwQ2mHbsFLlldbEaOevk3tPd81Xh-LIMyt8UnW9xXA_7owtRjUjNlrJt0O5rPt7rCcj_qQ\/s16000\/APIDetector.webp","twitter_creator":"@CyberEdition","twitter_site":"@CyberEdition","twitter_misc":{"Written by":"Varshini","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/kalilinuxtutorials.com\/apidetector\/#article","isPartOf":{"@id":"https:\/\/kalilinuxtutorials.com\/apidetector\/"},"author":{"name":"Varshini","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/3c3b3f82a74146532c4def299fe069fa"},"headline":"APIDetector: Uncovering Swagger Endpoint Risks and How to Secure Your API","datePublished":"2023-12-20T05:39:42+00:00","dateModified":"2023-12-20T05:39:46+00:00","mainEntityOfPage":{"@id":"https:\/\/kalilinuxtutorials.com\/apidetector\/"},"wordCount":595,"commentCount":0,"publisher":{"@id":"https:\/\/kalilinuxtutorials.com\/#organization"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/apidetector\/#primaryimage"},"thumbnailUrl":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgSzoorD45JtRuB7052ZMl6CWuI7rk-VaDYDFyU8IuLGmaBVlR1ruGDx6A1qiPJfrcbPl0v_2BYmWPHiZDvGMjTaCHPFFYmjSOAT-4kSX6sKi1lFkd8zA1WmwQ2mHbsFLlldbEaOevk3tPd81Xh-LIMyt8UnW9xXA_7owtRjUjNlrJt0O5rPt7rCcj_qQ\/s16000\/APIDetector.webp","keywords":["APIDetector","cybersecurity","informationsecurity","kalilinux","kalilinuxtools"],"articleSection":["Cyber security"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/kalilinuxtutorials.com\/apidetector\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/kalilinuxtutorials.com\/apidetector\/","url":"https:\/\/kalilinuxtutorials.com\/apidetector\/","name":"APIDetector","isPartOf":{"@id":"https:\/\/kalilinuxtutorials.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/kalilinuxtutorials.com\/apidetector\/#primaryimage"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/apidetector\/#primaryimage"},"thumbnailUrl":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgSzoorD45JtRuB7052ZMl6CWuI7rk-VaDYDFyU8IuLGmaBVlR1ruGDx6A1qiPJfrcbPl0v_2BYmWPHiZDvGMjTaCHPFFYmjSOAT-4kSX6sKi1lFkd8zA1WmwQ2mHbsFLlldbEaOevk3tPd81Xh-LIMyt8UnW9xXA_7owtRjUjNlrJt0O5rPt7rCcj_qQ\/s16000\/APIDetector.webp","datePublished":"2023-12-20T05:39:42+00:00","dateModified":"2023-12-20T05:39:46+00:00","description":"APIDetector is a powerful and efficient tool designed for testing exposed Swagger endpoints in various subdomains with unique smart","inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/kalilinuxtutorials.com\/apidetector\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/apidetector\/#primaryimage","url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgSzoorD45JtRuB7052ZMl6CWuI7rk-VaDYDFyU8IuLGmaBVlR1ruGDx6A1qiPJfrcbPl0v_2BYmWPHiZDvGMjTaCHPFFYmjSOAT-4kSX6sKi1lFkd8zA1WmwQ2mHbsFLlldbEaOevk3tPd81Xh-LIMyt8UnW9xXA_7owtRjUjNlrJt0O5rPt7rCcj_qQ\/s16000\/APIDetector.webp","contentUrl":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgSzoorD45JtRuB7052ZMl6CWuI7rk-VaDYDFyU8IuLGmaBVlR1ruGDx6A1qiPJfrcbPl0v_2BYmWPHiZDvGMjTaCHPFFYmjSOAT-4kSX6sKi1lFkd8zA1WmwQ2mHbsFLlldbEaOevk3tPd81Xh-LIMyt8UnW9xXA_7owtRjUjNlrJt0O5rPt7rCcj_qQ\/s16000\/APIDetector.webp","width":"728","height":"380"},{"@type":"WebSite","@id":"https:\/\/kalilinuxtutorials.com\/#website","url":"https:\/\/kalilinuxtutorials.com\/","name":"Kali Linux Tutorials","description":"Kali Linux Tutorials","publisher":{"@id":"https:\/\/kalilinuxtutorials.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/kalilinuxtutorials.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/kalilinuxtutorials.com\/#organization","name":"Kali Linux Tutorials","url":"https:\/\/kalilinuxtutorials.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/","url":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png","contentUrl":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png","width":272,"height":90,"caption":"Kali Linux Tutorials"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/CyberEdition","https:\/\/www.threads.com\/@cybersecurityedition","https:\/\/www.linkedin.com\/company\/cyberedition","https:\/\/www.instagram.com\/cybersecurityedition\/"]},{"@type":"Person","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/3c3b3f82a74146532c4def299fe069fa","name":"Varshini","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/f19f43637c0f83fb3dcfb498f306b2a9ac0025ce85840ab52ee8c01f5361f269?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f19f43637c0f83fb3dcfb498f306b2a9ac0025ce85840ab52ee8c01f5361f269?s=96&d=mm&r=g","caption":"Varshini"},"description":"Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.","sameAs":["http:\/\/kalilinuxtutorials.com","https:\/\/www.linkedin.com\/in\/senthamil-selvan-14043a285\/"],"url":"https:\/\/kalilinuxtutorials.com\/author\/vinayakagrawal\/"}]}},"jetpack_featured_media_url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgSzoorD45JtRuB7052ZMl6CWuI7rk-VaDYDFyU8IuLGmaBVlR1ruGDx6A1qiPJfrcbPl0v_2BYmWPHiZDvGMjTaCHPFFYmjSOAT-4kSX6sKi1lFkd8zA1WmwQ2mHbsFLlldbEaOevk3tPd81Xh-LIMyt8UnW9xXA_7owtRjUjNlrJt0O5rPt7rCcj_qQ\/s16000\/APIDetector.webp","jetpack_sharing_enabled":true,"jetpack-related-posts":[{"id":31521,"url":"https:\/\/kalilinuxtutorials.com\/cloakquest3r\/","url_meta":{"origin":31559,"position":0},"title":"CloakQuest3r: Unmasking Cloudflare-Protected Websites","author":"Varshini","date":"December 13, 2023","format":false,"excerpt":"CloakQuest3r is a powerful Python tool meticulously crafted to uncover the true IP address of websites safeguarded by Cloudflare, a widely adopted web security and performance enhancement service. Its core mission is to accurately discern the actual IP address of web servers that are concealed behind Cloudflare's protective shield. Subdomain\u2026","rel":"","context":"In &quot;Cyber security&quot;","block_context":{"text":"Cyber security","link":"https:\/\/kalilinuxtutorials.com\/category\/cyber-security\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjVEOapO4QzT6sfLDlWzF1AX-v5o-DWSqIOcYgXB8n8Z97k9NdlbPxbxmYnsWBTrKI6WSU-SBOwDusYuknUee2t89v0VdF5TC99wJMyQ07rtKW9sZPHjVYYTQuurQjQaQMKJAhxtzMuzHegCSWPWCniG-QiXaiJvkO0O8xjSXWypNwIoPdCP3M36SJ6pw\/s16000\/CloakQuest3r.webp?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjVEOapO4QzT6sfLDlWzF1AX-v5o-DWSqIOcYgXB8n8Z97k9NdlbPxbxmYnsWBTrKI6WSU-SBOwDusYuknUee2t89v0VdF5TC99wJMyQ07rtKW9sZPHjVYYTQuurQjQaQMKJAhxtzMuzHegCSWPWCniG-QiXaiJvkO0O8xjSXWypNwIoPdCP3M36SJ6pw\/s16000\/CloakQuest3r.webp?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjVEOapO4QzT6sfLDlWzF1AX-v5o-DWSqIOcYgXB8n8Z97k9NdlbPxbxmYnsWBTrKI6WSU-SBOwDusYuknUee2t89v0VdF5TC99wJMyQ07rtKW9sZPHjVYYTQuurQjQaQMKJAhxtzMuzHegCSWPWCniG-QiXaiJvkO0O8xjSXWypNwIoPdCP3M36SJ6pw\/s16000\/CloakQuest3r.webp?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjVEOapO4QzT6sfLDlWzF1AX-v5o-DWSqIOcYgXB8n8Z97k9NdlbPxbxmYnsWBTrKI6WSU-SBOwDusYuknUee2t89v0VdF5TC99wJMyQ07rtKW9sZPHjVYYTQuurQjQaQMKJAhxtzMuzHegCSWPWCniG-QiXaiJvkO0O8xjSXWypNwIoPdCP3M36SJ6pw\/s16000\/CloakQuest3r.webp?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjVEOapO4QzT6sfLDlWzF1AX-v5o-DWSqIOcYgXB8n8Z97k9NdlbPxbxmYnsWBTrKI6WSU-SBOwDusYuknUee2t89v0VdF5TC99wJMyQ07rtKW9sZPHjVYYTQuurQjQaQMKJAhxtzMuzHegCSWPWCniG-QiXaiJvkO0O8xjSXWypNwIoPdCP3M36SJ6pw\/s16000\/CloakQuest3r.webp?resize=1050%2C600&ssl=1 3x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjVEOapO4QzT6sfLDlWzF1AX-v5o-DWSqIOcYgXB8n8Z97k9NdlbPxbxmYnsWBTrKI6WSU-SBOwDusYuknUee2t89v0VdF5TC99wJMyQ07rtKW9sZPHjVYYTQuurQjQaQMKJAhxtzMuzHegCSWPWCniG-QiXaiJvkO0O8xjSXWypNwIoPdCP3M36SJ6pw\/s16000\/CloakQuest3r.webp?resize=1400%2C800&ssl=1 4x"},"classes":[]},{"id":35866,"url":"https:\/\/kalilinuxtutorials.com\/onescan\/","url_meta":{"origin":31559,"position":1},"title":"OneScan : A Comprehensive Tool For Recursive Directory Scanning","author":"Varshini","date":"January 29, 2025","format":false,"excerpt":"OneScan is an innovative Burp Suite plugin designed to enhance vulnerability detection in deeply nested directories of web applications. Initially conceptualized to identify hidden Swagger-API documentation, OneScan has evolved into a versatile tool capable of uncovering sensitive information leaks, unauthorized access points, and privilege escalation vulnerabilities. Core Features And Functionality\u2026","rel":"","context":"In &quot;Cyber security&quot;","block_context":{"text":"Cyber security","link":"https:\/\/kalilinuxtutorials.com\/category\/cyber-security\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/01\/Untitled-design.webp?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/01\/Untitled-design.webp?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/01\/Untitled-design.webp?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/01\/Untitled-design.webp?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/01\/Untitled-design.webp?resize=1050%2C600&ssl=1 3x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/01\/Untitled-design.webp?resize=1400%2C800&ssl=1 4x"},"classes":[]},{"id":37025,"url":"https:\/\/kalilinuxtutorials.com\/subcat-2\/","url_meta":{"origin":31559,"position":2},"title":"SubCat v1.3.1 : A Comprehensive Subdomain Enumeration Tool","author":"Varshini","date":"March 12, 2025","format":false,"excerpt":"SubCat is a powerful and efficient tool designed for subdomain discovery, making it an indispensable asset for penetration testers, bug bounty hunters, and security researchers. Version 1.3.1 of SubCat continues to build on its predecessors by offering a robust set of features that enhance its performance and versatility. Key Features\u2026","rel":"","context":"In &quot;Cyber security&quot;","block_context":{"text":"Cyber security","link":"https:\/\/kalilinuxtutorials.com\/category\/cyber-security\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/03\/SubCat-.webp?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/03\/SubCat-.webp?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/03\/SubCat-.webp?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/03\/SubCat-.webp?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/03\/SubCat-.webp?resize=1050%2C600&ssl=1 3x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/03\/SubCat-.webp?resize=1400%2C800&ssl=1 4x"},"classes":[]},{"id":32072,"url":"https:\/\/kalilinuxtutorials.com\/swaggerspy\/","url_meta":{"origin":31559,"position":3},"title":"SwaggerSpy &#8211; Elevating API Security Through OSINT On SwaggerHub","author":"Varshini","date":"February 20, 2024","format":false,"excerpt":"SwaggerSpy is a tool designed for automated Open Source Intelligence (OSINT) on SwaggerHub. This project aims to streamline the process of gathering intelligence from APIs documented on SwaggerHub, providing valuable insights for security researchers, developers, and IT professionals. What Is Swagger? Swagger is an open-source framework that allows developers to\u2026","rel":"","context":"In &quot;Cyber security&quot;","block_context":{"text":"Cyber security","link":"https:\/\/kalilinuxtutorials.com\/category\/cyber-security\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgslNdcKN77Qzm4r0nq_nwKnF8koZzpQV3wF3R9fPumLPNSlpg8ru-t__uBuk9obJBQO_hrAoDhh03Bs7qJQmThkmdegEkhftXDIloG7tpAyC0qUpxlAdlPialLccto8rsLtrnvXrMkBYuqzoK1aMefxZHce_w6CGIxrsACJNGm7GN1tAFPm-I7gwq0uZX8\/s16000\/Untitled%20design%20%281%29.webp?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgslNdcKN77Qzm4r0nq_nwKnF8koZzpQV3wF3R9fPumLPNSlpg8ru-t__uBuk9obJBQO_hrAoDhh03Bs7qJQmThkmdegEkhftXDIloG7tpAyC0qUpxlAdlPialLccto8rsLtrnvXrMkBYuqzoK1aMefxZHce_w6CGIxrsACJNGm7GN1tAFPm-I7gwq0uZX8\/s16000\/Untitled%20design%20%281%29.webp?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgslNdcKN77Qzm4r0nq_nwKnF8koZzpQV3wF3R9fPumLPNSlpg8ru-t__uBuk9obJBQO_hrAoDhh03Bs7qJQmThkmdegEkhftXDIloG7tpAyC0qUpxlAdlPialLccto8rsLtrnvXrMkBYuqzoK1aMefxZHce_w6CGIxrsACJNGm7GN1tAFPm-I7gwq0uZX8\/s16000\/Untitled%20design%20%281%29.webp?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgslNdcKN77Qzm4r0nq_nwKnF8koZzpQV3wF3R9fPumLPNSlpg8ru-t__uBuk9obJBQO_hrAoDhh03Bs7qJQmThkmdegEkhftXDIloG7tpAyC0qUpxlAdlPialLccto8rsLtrnvXrMkBYuqzoK1aMefxZHce_w6CGIxrsACJNGm7GN1tAFPm-I7gwq0uZX8\/s16000\/Untitled%20design%20%281%29.webp?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgslNdcKN77Qzm4r0nq_nwKnF8koZzpQV3wF3R9fPumLPNSlpg8ru-t__uBuk9obJBQO_hrAoDhh03Bs7qJQmThkmdegEkhftXDIloG7tpAyC0qUpxlAdlPialLccto8rsLtrnvXrMkBYuqzoK1aMefxZHce_w6CGIxrsACJNGm7GN1tAFPm-I7gwq0uZX8\/s16000\/Untitled%20design%20%281%29.webp?resize=1050%2C600&ssl=1 3x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgslNdcKN77Qzm4r0nq_nwKnF8koZzpQV3wF3R9fPumLPNSlpg8ru-t__uBuk9obJBQO_hrAoDhh03Bs7qJQmThkmdegEkhftXDIloG7tpAyC0qUpxlAdlPialLccto8rsLtrnvXrMkBYuqzoK1aMefxZHce_w6CGIxrsACJNGm7GN1tAFPm-I7gwq0uZX8\/s16000\/Untitled%20design%20%281%29.webp?resize=1400%2C800&ssl=1 4x"},"classes":[]},{"id":31950,"url":"https:\/\/kalilinuxtutorials.com\/bugblaze\/","url_meta":{"origin":31559,"position":4},"title":"BugBlaze : Your All-In-One Cybersecurity Toolkit","author":"Varshini","date":"February 5, 2024","format":false,"excerpt":"In the world of cybersecurity, staying ahead of potential threats is essential. BugBlaze is a powerful toolkit that simplifies the process of subdomain enumeration, DNS resolution, port scanning, and vulnerability scanning. In this article, we'll explore how BugBlaze can enhance your security efforts and provide a comprehensive overview of its\u2026","rel":"","context":"In &quot;Cyber security&quot;","block_context":{"text":"Cyber security","link":"https:\/\/kalilinuxtutorials.com\/category\/cyber-security\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgyRhfe6ubjQfcMB9cSEREq7nCh8Pt012jwxCxw7zovyPM6Yuw8xasBwRnCbpZzV0EH1C1JgVbv9d4AqCkTCpubwDOQV4tEzHxZ85WU9N3Bin2O-GIWsRoAUa3E18nQf_CfxPufiMpNO-q6RWz376my-YogyJpWadYgdEJg5hmxo8YX_SX2lN09mVxxv4_Q\/s16000\/Untitled%20design%20%2819%29.webp?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgyRhfe6ubjQfcMB9cSEREq7nCh8Pt012jwxCxw7zovyPM6Yuw8xasBwRnCbpZzV0EH1C1JgVbv9d4AqCkTCpubwDOQV4tEzHxZ85WU9N3Bin2O-GIWsRoAUa3E18nQf_CfxPufiMpNO-q6RWz376my-YogyJpWadYgdEJg5hmxo8YX_SX2lN09mVxxv4_Q\/s16000\/Untitled%20design%20%2819%29.webp?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgyRhfe6ubjQfcMB9cSEREq7nCh8Pt012jwxCxw7zovyPM6Yuw8xasBwRnCbpZzV0EH1C1JgVbv9d4AqCkTCpubwDOQV4tEzHxZ85WU9N3Bin2O-GIWsRoAUa3E18nQf_CfxPufiMpNO-q6RWz376my-YogyJpWadYgdEJg5hmxo8YX_SX2lN09mVxxv4_Q\/s16000\/Untitled%20design%20%2819%29.webp?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgyRhfe6ubjQfcMB9cSEREq7nCh8Pt012jwxCxw7zovyPM6Yuw8xasBwRnCbpZzV0EH1C1JgVbv9d4AqCkTCpubwDOQV4tEzHxZ85WU9N3Bin2O-GIWsRoAUa3E18nQf_CfxPufiMpNO-q6RWz376my-YogyJpWadYgdEJg5hmxo8YX_SX2lN09mVxxv4_Q\/s16000\/Untitled%20design%20%2819%29.webp?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgyRhfe6ubjQfcMB9cSEREq7nCh8Pt012jwxCxw7zovyPM6Yuw8xasBwRnCbpZzV0EH1C1JgVbv9d4AqCkTCpubwDOQV4tEzHxZ85WU9N3Bin2O-GIWsRoAUa3E18nQf_CfxPufiMpNO-q6RWz376my-YogyJpWadYgdEJg5hmxo8YX_SX2lN09mVxxv4_Q\/s16000\/Untitled%20design%20%2819%29.webp?resize=1050%2C600&ssl=1 3x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgyRhfe6ubjQfcMB9cSEREq7nCh8Pt012jwxCxw7zovyPM6Yuw8xasBwRnCbpZzV0EH1C1JgVbv9d4AqCkTCpubwDOQV4tEzHxZ85WU9N3Bin2O-GIWsRoAUa3E18nQf_CfxPufiMpNO-q6RWz376my-YogyJpWadYgdEJg5hmxo8YX_SX2lN09mVxxv4_Q\/s16000\/Untitled%20design%20%2819%29.webp?resize=1400%2C800&ssl=1 4x"},"classes":[]},{"id":33289,"url":"https:\/\/kalilinuxtutorials.com\/x-recon\/","url_meta":{"origin":31559,"position":5},"title":"X-Recon : Mastering XSS Vulnerability Scanning And Web Reconnaissance","author":"Varshini","date":"June 10, 2024","format":false,"excerpt":"A sophisticated tool designed for web application security enthusiasts. This utility specializes in identifying web page inputs and performing comprehensive XSS scanning. Whether you're looking to uncover subdomains, analyze forms, or test for XSS vulnerabilities, X-Recon provides all the necessary functionalities to enhance your security testing efforts. Features: Subdomain Discovery:\u2026","rel":"","context":"In &quot;Web Application Security&quot;","block_context":{"text":"Web Application Security","link":"https:\/\/kalilinuxtutorials.com\/category\/web-application-security\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEi-iScW6njJVttlbiFu2_vnkOvA2t-r8yOvGbAYw-W9iIvcD30xtttqgaRtbxuhtvWGDB2RQAmMFYdbQ6V1KAYpuZvceAHvO1nvgH3jSUY1pAR7OfEB4CV7R1OgIcCvf0XaDRkG7vjS8NnhXtnaRQmN-Bp_q-eQSzGzxwoXUWHlzM3qaYF4s3YAXKcLKY6a\/s16000\/X-Recon%20.webp?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEi-iScW6njJVttlbiFu2_vnkOvA2t-r8yOvGbAYw-W9iIvcD30xtttqgaRtbxuhtvWGDB2RQAmMFYdbQ6V1KAYpuZvceAHvO1nvgH3jSUY1pAR7OfEB4CV7R1OgIcCvf0XaDRkG7vjS8NnhXtnaRQmN-Bp_q-eQSzGzxwoXUWHlzM3qaYF4s3YAXKcLKY6a\/s16000\/X-Recon%20.webp?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEi-iScW6njJVttlbiFu2_vnkOvA2t-r8yOvGbAYw-W9iIvcD30xtttqgaRtbxuhtvWGDB2RQAmMFYdbQ6V1KAYpuZvceAHvO1nvgH3jSUY1pAR7OfEB4CV7R1OgIcCvf0XaDRkG7vjS8NnhXtnaRQmN-Bp_q-eQSzGzxwoXUWHlzM3qaYF4s3YAXKcLKY6a\/s16000\/X-Recon%20.webp?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEi-iScW6njJVttlbiFu2_vnkOvA2t-r8yOvGbAYw-W9iIvcD30xtttqgaRtbxuhtvWGDB2RQAmMFYdbQ6V1KAYpuZvceAHvO1nvgH3jSUY1pAR7OfEB4CV7R1OgIcCvf0XaDRkG7vjS8NnhXtnaRQmN-Bp_q-eQSzGzxwoXUWHlzM3qaYF4s3YAXKcLKY6a\/s16000\/X-Recon%20.webp?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEi-iScW6njJVttlbiFu2_vnkOvA2t-r8yOvGbAYw-W9iIvcD30xtttqgaRtbxuhtvWGDB2RQAmMFYdbQ6V1KAYpuZvceAHvO1nvgH3jSUY1pAR7OfEB4CV7R1OgIcCvf0XaDRkG7vjS8NnhXtnaRQmN-Bp_q-eQSzGzxwoXUWHlzM3qaYF4s3YAXKcLKY6a\/s16000\/X-Recon%20.webp?resize=1050%2C600&ssl=1 3x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEi-iScW6njJVttlbiFu2_vnkOvA2t-r8yOvGbAYw-W9iIvcD30xtttqgaRtbxuhtvWGDB2RQAmMFYdbQ6V1KAYpuZvceAHvO1nvgH3jSUY1pAR7OfEB4CV7R1OgIcCvf0XaDRkG7vjS8NnhXtnaRQmN-Bp_q-eQSzGzxwoXUWHlzM3qaYF4s3YAXKcLKY6a\/s16000\/X-Recon%20.webp?resize=1400%2C800&ssl=1 4x"},"classes":[]}],"_links":{"self":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts\/31559","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/users\/12"}],"replies":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/comments?post=31559"}],"version-history":[{"count":1,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts\/31559\/revisions"}],"predecessor-version":[{"id":31560,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts\/31559\/revisions\/31560"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/media\/31561"}],"wp:attachment":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/media?parent=31559"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/categories?post=31559"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/tags?post=31559"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}