apihunter 0.1.2

Async API security scanner with passive and active checks for CORS, CSP, GraphQL, JWT, OpenAPI, and API posture.
{
  "steps": [
    {
      "url": "https://api.example.com/auth/login",
      "method": "POST",
      "body": {
        "username": "{{SCAN_USER}}",
        "password": "{{SCAN_PASS}}"
      },
      "extract": "$.data.access_token",
      "extract_refresh": "$.data.refresh_token",
      "extract_expires_in": "$.data.expires_in",
      "inject_as": "bearer"
    }
  ],
  "refresh_interval_secs": 840
}