Attacking APIs

devloop edited this page Oct 22, 2024 · 1 revision

Attacking Endpoints from Swagger/OpenAPI Documentation

Wapiti can use Swagger or OpenAPI documentation to automatically attack the endpoints declared within it.

To do this, use the --swagger option, which accepts either a local file path or a URL to the Swagger/OpenAPI file.

wapiti -u "http://target.tld" --swagger /path/to/swagger.json

or

wapiti -u "http://target.tld" --swagger "http://target.tld/api-docs/swagger.json"

By leveraging the Swagger/OpenAPI specification, Wapiti can identify all documented endpoints and test them for vulnerabilities.
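
A pre-scan scope check, as an added example (not Wapiti's own code, and not a description of how Wapiti resolves URLs): it lists the operations a Swagger 2.0 or OpenAPI 3.x JSON file declares and flags any whose host differs from the `-u` target. The sample spec, the host `billing.example.net` and all function names are constructed for illustration.

```python
import json
from urllib.parse import urljoin, urlparse

HTTP_METHODS = {"get", "put", "post", "delete", "options", "head", "patch", "trace"}

# Constructed sample: an OpenAPI 3 document with one relative and one absolute server.
SAMPLE_SPEC = json.loads("""
{"openapi": "3.0.3",
 "servers": [{"url": "/v1"}, {"url": "https://billing.example.net/v1"}],
 "paths": {
   "/users/{id}": {"parameters": [], "get": {}, "delete": {}},
   "/login": {"post": {}}}}
""")

def base_urls(spec, target):
    """Return the base URLs the document declares, resolved against the scan target."""
    if spec.get("servers"):  # OpenAPI 3.x: server URLs may be relative
        return [urljoin(target, s["url"]) for s in spec["servers"]]
    if "host" in spec:  # Swagger 2.0: host + basePath + schemes
        schemes = spec.get("schemes") or [urlparse(target).scheme]
        return [f"{s}://{spec['host']}{spec.get('basePath', '')}" for s in schemes]
    return [target.rstrip("/") + spec.get("basePath", "")]

def list_operations(spec, target):
    """Return (METHOD, url) for every operation declared under 'paths'."""
    ops = []
    for base in base_urls(spec, target):
        for path, item in spec.get("paths", {}).items():
            for key in item:  # skips non-method keys such as 'parameters'
                if key.lower() in HTTP_METHODS:
                    ops.append((key.upper(), base.rstrip("/") + path))
    return ops

def out_of_scope(ops, target):
    """Return the operations whose host is not the authorized scan target."""
    allowed = urlparse(target).hostname
    return [(m, u) for m, u in ops if urlparse(u).hostname != allowed]

if __name__ == "__main__":
    target = "http://target.tld"
    ops = list_operations(SAMPLE_SPEC, target)
    for method, url in ops:
        print(method, url)
    for method, url in out_of_scope(ops, target):
        print("OUT OF SCOPE:", method, url)
```
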