api-breaker

Automated API security testing starting from domains. Discovers REST, GraphQL, and SOAP APIs, reconstructs schemas, and tests for BOLA/IDOR, BFLA, mass assignment, JWT attacks, rate limiting bypass, and business logic flaws. Use when user asks to "test API security", "break API", "find API vulnerabilities", "test GraphQL", "test JWT", "API pentest", or provides domains with API endpoints. For authorized testing only.
KaQus/claude-code-pentest · ★ 30 · API & Backend · score 85
Install: claude install-skill KaQus/claude-code-pentest
# API Breaker

Intelligent API security testing. Discovers, maps, and exploits API vulnerabilities.

## Important

CRITICAL: Only test APIs you have explicit authorization to test.

## Instructions

### Step 1: API Discovery

```bash
python scripts/api_discovery.py --domain {target_domain}
```

Discovery methods:

1. **Path fuzzing**: /api/, /v1/, /v2/, /graphql, /rest/, /swagger.json, /openapi.json, /api-docs
2. **JavaScript analysis**: Parse JS files for hardcoded API endpoints, base URLs, fetch/axios calls
3. **Wayback Machine**: Historical API endpoints that may still be active
4. **Common patterns**: /{resource}s, /{resource}/{id}, /{resource}/{id}/{subresource}
5. **GraphQL detection**: /graphql, /graphiql, /playground, /api/graphql
6. **Documentation endpoints**: Swagger, OpenAPI, WADL, WSDL

For each discovered API:

- Record base URL, authentication method, content type
- Detect API standard (REST, GraphQL, gRPC-web, SOAP)

### Step 2: Schema Reconstruction

```bash
python scripts/schema_builder.py --api-base {api_url}
```

Even without documentation:

1. Send requests with varying parameters and observe responses
2. Analyze error messages for expected field names/types
3. Use OPTIONS/HEAD to discover allowed methods
4. Test content negotiation (JSON, XML, form-encoded)
5. GraphQL: Send introspection query to get full schema

Output: Reconstructed API schema in OpenAPI format.

### Step 3: Authentication Analysis

```bash
python scripts/auth_analyzer.py --api-base {api_