# API Endpoint Discovery

Safety Notice

This listing is from the official public ClawHub registry. Review SKILL.md and referenced scripts before running.

Install skill "Api Endpoint Discovery" with this command: npx skills add snipercat69/edgeiq-api-endpoint-discovery

  • Skill Name: api-endpoint-discovery
  • Version: 1.0.0
  • Category: Security / API / OSINT
  • Price: Lifetime: $39 / Optional Monthly: $7/mo (includes all Pro features permanently)
  • Author: EdgeIQ Labs
  • OpenClaw Compatible: Yes — Python 3, pure stdlib, WSL + Linux


What It Does

Discovers API endpoints for a target domain using passive OSINT (Swagger docs, OpenAPI specs, robots.txt, JavaScript scraping, favicon analysis) and active techniques (path brute-forcing, parameter enumeration). Maps the exposed attack surface of a web application's API layer.

⚠️ Legal Notice: Only audit domains you own or have explicit written authorization to scan. Active brute-forcing should only be used on authorized targets.


Features

  • Swagger/OpenAPI discovery — locates and parses live API specification files
  • robots.txt analysis — extracts API-related paths from robots exclusion rules
  • JavaScript endpoint extraction — scrapes fetch/axios/XMLHttpRequest calls from JS files
  • Favicon/asset fingerprinting — extracts API hints from CDN-hosted assets
  • Path brute-forcing — tries common API path patterns from a wordlist
  • Parameter enumeration — discovers API query parameter names
  • API version detection — identifies API version strings in responses
  • JSON export — structured endpoint inventory

Tier Comparison

| Feature | Free | Lifetime ($39) | Optional Monthly ($7/mo) |
|---|---|---|---|
| Target scan | ✅ (3 scans) | ✅ (unlimited) | ✅ (unlimited) |
| Swagger/OpenAPI discovery | | | |
| robots.txt analysis | | | |
| JS endpoint extraction | | | |
| Favicon fingerprinting | | | |
| Path brute-forcing | | | |
| Parameter enumeration | | | |
| JSON export | | | |

Installation

```bash
cp -r /home/guy/.openclaw/workspace/apps/api-endpoint-discovery ~/.openclaw/skills/api-endpoint-discovery
```

Usage

Basic passive discovery (free tier)

```bash
python3 endpoint_discovery.py --target "https://api.target.com"
```

Pro scan with brute-forcing (Pro)

```bash
EDGEIQ_EMAIL=your_email@gmail.com python3 endpoint_discovery.py \
  --target "https://api.target.com" --pro
```

Bundle — full active + passive scan

```bash
python3 endpoint_discovery.py --target "https://api.target.com" \
  --bundle --output inventory.json
```

Parameters

| Flag | Type | Default | Description |
|---|---|---|---|
| --target | string | | Target base URL (e.g. https://api.target.com) |
| --pro | flag | False | Enable Pro features |
| --bundle | flag | False | Enable Bundle features |
| --wordlist | string | built-in | Path to custom wordlist for brute-forcing |
| --threads | int | 10 | Number of concurrent threads |
| --output | string | | Write JSON inventory to file |

Output Example

```
=== API Endpoint Discovery ===
Target: https://api.target.com

  ✔ Discovered 24 endpoints across 3 API versions

  Swagger/OpenAPI:
    ✔ /swagger/v1/api.json — OpenAPI 3.0 spec found
    ✔ /api-docs — Swagger UI detected

  Endpoints by category:

    Authentication (5 endpoints)
      POST /api/v1/auth/login         — 200 OK
      POST /api/v1/auth/register      — 201 Created
      POST /api/v1/auth/refresh      — 200 OK
      POST /api/v1/auth/logout        — 204 No Content
      GET  /api/v1/auth/session       — 200 OK

    Users (7 endpoints)
      GET  /api/v1/users             — 200 OK (paginated)
      GET  /api/v1/users/:id         — 200 OK
      POST /api/v1/users             — 201 Created
      PUT  /api/v1/users/:id          — 200 OK
      DELETE /api/v1/users/:id       — 204 No Content

    Products (6 endpoints)
      GET  /api/v1/products          — 200 OK
      GET  /api/v1/products/:id     — 200 OK
      POST /api/v1/products         — 201 Created
      ...

  Hidden/exposed sensitive endpoints:
    ⚠️ GET /api/v1/admin/users      — Admin-only, no auth observed
    ⚠️ POST /api/v1/debug/config   — Debug endpoint — INFORMATION EXPOSURE

  Version fingerprinting:
    X-API-Version: 1.2.3
    Server: Apache-Coyote/1.1

  Threat Level: MEDIUM — 2 sensitive endpoints exposed without auth
```
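
For an API you own, the "no auth observed" findings in the sample output can be checked directly against the OpenAPI document. The following is an added example, not part of the skill's code: it lists operations whose effective `security` requirement permits anonymous access and are not on an allow-list. The spec, the allow-list and all function names are constructed for illustration.

```python
# Added example: audit an OpenAPI 3.0 document for operations that allow anonymous access.
HTTP_METHODS = {"get", "put", "post", "delete", "options", "head", "patch", "trace"}

# Constructed sample spec (paths echo the sample output; not a real API).
SAMPLE_SPEC = {
    "openapi": "3.0.3",
    "security": [{"bearerAuth": []}],  # global default: bearer token required
    "paths": {
        "/api/v1/auth/login": {"post": {"security": []}},  # public by design
        "/api/v1/users": {
            "parameters": [],  # non-operation key, must be skipped
            "get": {},  # inherits the global requirement
        },
        "/api/v1/admin/users": {"get": {"security": []}},  # override drops auth
        "/api/v1/debug/config": {"post": {"security": [{}, {"bearerAuth": []}]}},  # auth optional
    },
}
# Assumed allow-list of operations that are meant to be public.
EXPECTED_PUBLIC = {"POST /api/v1/auth/login"}


def allows_anonymous(spec, operation):
    """An operation-level `security` overrides the top-level one; an empty
    list, or a list containing {}, means a request needs no credentials."""
    reqs = operation["security"] if "security" in operation else spec.get("security", [])
    return not reqs or any(req == {} for req in reqs)


def inventory(spec):
    """Return (operation, anonymous_allowed) pairs, sorted by path."""
    rows = []
    for path, item in sorted(spec.get("paths", {}).items()):
        for method, op in item.items():
            if method in HTTP_METHODS:
                rows.append((f"{method.upper()} {path}", allows_anonymous(spec, op)))
    return rows


def unexpected_public(spec, allow=EXPECTED_PUBLIC):
    """Operations reachable without credentials that are not on the allow-list."""
    return [op for op, anon in inventory(spec) if anon and op not in allow]


if __name__ == "__main__":
    for op in unexpected_public(SAMPLE_SPEC):
        print("review:", op)
```

A spec-level check only shows what the document declares; an operation that declares a requirement can still be unenforced at runtime, so pair it with an authenticated-versus-anonymous request test in staging.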

Pro Upgrade

Full API discovery with brute-forcing, JS scraping, and parameter enumeration:

👉 Buy Lifetime — $39 👉 Subscribe Monthly — $7/mo


Support

Open a ticket in #edgeiq-support or email gpalmieri21@gmail.com


🔗 More from EdgeIQ Labs

edgeiqlabs.com — Security tools, OSINT utilities, and micro-SaaS products for developers and security professionals.

  • 🛠️ Subdomain Hunter — Passive subdomain enumeration via Certificate Transparency
  • 📸 Screenshot API — URL-to-screenshot API for developers
  • 🔔 uptime.check — URL uptime monitoring with alerts
  • 🛡️ headers.check — HTTP security headers analyzer

👉 Visit edgeiqlabs.com →

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.
