pub const API_ENDPOINTS: &str = "# Comprehensive API Endpoints for Professional Bug Bounty Testing\n# Based on real-world reconnaissance and OSINT research\n# Updated: 2025 - Over 500+ endpoint patterns\n\n# === CORE API PATTERNS ===\n# Basic versioning patterns\n/api\n/api/v1\n/api/v2\n/api/v3\n/api/v4\n/api/v5\n/api/v6\n/api/1\n/api/2\n/api/3\n/v1\n/v2\n/v3\n/v4\n/v5\n/v6\n/v1.0\n/v1.1\n/v1.2\n/v2.0\n/v2.1\n/v3.0\n\n# === REST & RESTFUL PATTERNS ===\n/rest\n/restful\n/rest/v1\n/rest/v2\n/rest/v3\n/rest/api\n/rest/service\n/api/rest\n/api/restful\n\n# === GRAPHQL PATTERNS ===\n/graphql\n/api/graphql\n/graphiql\n/api/graphiql\n/graphql/v1\n/graphql/v2\n/api/v1/graphql\n/api/v2/graphql\n/graph\n/api/graph\n/gql\n/api/gql\n\n# === AUTHENTICATION & AUTHORIZATION ===\n/auth\n/authentication\n/authorize\n/authorization\n/api/auth\n/api/authentication\n/api/authorize\n/api/authorization\n/oauth\n/oauth2\n/oauth/v2\n/api/oauth\n/api/oauth2\n/login\n/signin\n/sign-in\n/api/login\n/api/signin\n/api/sign-in\n/logout\n/signout\n/sign-out\n/api/logout\n/api/signout\n/token\n/tokens\n/api/token\n/api/tokens\n/jwt\n/api/jwt\n/session\n/sessions\n/api/session\n/api/sessions\n/sso\n/api/sso\n/saml\n/api/saml\n/oidc\n/api/oidc\n\n# === USER MANAGEMENT ===\n/user\n/users\n/account\n/accounts\n/profile\n/profiles\n/api/user\n/api/users\n/api/account\n/api/accounts\n/api/profile\n/api/profiles\n/customer\n/customers\n/api/customer\n/api/customers\n/member\n/members\n/api/member\n/api/members\n/client\n/clients\n/api/client\n/api/clients\n\n# === ADMIN & MANAGEMENT ===\n/admin\n/administration\n/manage\n/management\n/api/admin\n/api/administration\n/api/manage\n/api/management\n/admin/api\n/admin/api/v1\n/admin/api/v2\n/manage/api\n/dashboard\n/api/dashboard\n/panel\n/api/panel\n/control\n/api/control\n\n# === MOBILE & PLATFORM SPECIFIC ===\n/mobile\n/mobile/api\n/mobile/v1\n/mobile/v2\n/app\n/app/api\n/app/v1\n/app/v2\n/ios\n/ios/api\n/ios/v1\n/android\n/android/api\n/android/v1\n/api/mobile\n/api/app\n/api/ios\n/api/android\n/tablet\n/api/tablet\n/desktop\n/api/desktop\n\n# === COMPANY-SPECIFIC PATTERNS ===\n# Shopify-like\n/storefront-api\n/admin-api\n/partner-api\n/vendor-api\n/merchant-api\n/store-api\n\n# Amazon-like\n/aws\n/ec2\n/s3-api\n/lambda\n\n# Microsoft-like\n/azure\n/office365\n/graph-api\n\n# Google-like\n/gapi\n/googleapis\n/maps-api\n\n# GitHub-like\n/api/v3\n/api/v4\n/repos\n/api/repos\n\n# Stripe-like\n/v1/charges\n/v1/customers\n/v1/subscriptions\n\n# Twitter-like\n/1.1\n/2\n/api/1.1\n/api/2\n\n# === SERVICE PATTERNS ===\n/service\n/services\n/microservice\n/microservices\n/ms\n/svc\n/api/service\n/api/services\n/api/microservice\n/webservice\n/webservices\n/api/webservice\n/api/webservices\n\n# === HEALTH & STATUS ===\n/health\n/healthcheck\n/health-check\n/healthz\n/livez\n/readyz\n/api/health\n/api/healthcheck\n/api/health-check\n/status\n/api/status\n/ping\n/api/ping\n/pong\n/api/pong\n/heartbeat\n/api/heartbeat\n/alive\n/api/alive\n/ready\n/api/ready\n/up\n/api/up\n/version\n/api/version\n/info\n/api/info\n\n# === DATA & CONTENT ===\n/data\n/dataset\n/datasets\n/api/data\n/api/dataset\n/api/datasets\n/content\n/contents\n/api/content\n/api/contents\n/media\n/api/media\n/assets\n/api/assets\n/resources\n/api/resources\n/files\n/file\n/api/files\n/api/file\n/documents\n/document\n/api/documents\n/api/document\n/upload\n/uploads\n/api/upload\n/api/uploads\n/download\n/downloads\n/api/download\n/api/downloads\n\n# === SEARCH & QUERY ===\n/search\n/api/search\n/query\n/queries\n/api/query\n/api/queries\n/find\n/api/find\n/filter\n/api/filter\n/sort\n/api/sort\n/suggest\n/api/suggest\n/autocomplete\n/api/autocomplete\n\n# === E-COMMERCE & PAYMENTS ===\n/shop\n/store\n/api/shop\n/api/store\n/product\n/products\n/api/product\n/api/products\n/catalog\n/api/catalog\n/inventory\n/api/inventory\n/cart\n/carts\n/api/cart\n/api/carts\n/checkout\n/api/checkout\n/order\n/orders\n/api/order\n/api/orders\n/payment\n/payments\n/api/payment\n/api/payments\n/billing\n/api/billing\n/invoice\n/invoices\n/api/invoice\n/api/invoices\n/subscription\n/subscriptions\n/api/subscription\n/api/subscriptions\n\n# === COMMUNICATION ===\n/mail\n/email\n/api/mail\n/api/email\n/message\n/messages\n/messaging\n/api/message\n/api/messages\n/api/messaging\n/sms\n/api/sms\n/notification\n/notifications\n/api/notification\n/api/notifications\n/alert\n/alerts\n/api/alert\n/api/alerts\n/chat\n/api/chat\n/call\n/api/call\n\n# === ANALYTICS & TRACKING ===\n/analytics\n/api/analytics\n/stats\n/statistics\n/api/stats\n/api/statistics\n/metrics\n/api/metrics\n/tracking\n/api/tracking\n/event\n/events\n/api/event\n/api/events\n/log\n/logs\n/logging\n/api/log\n/api/logs\n/api/logging\n\n# === CONFIGURATION & SETTINGS ===\n/config\n/configuration\n/api/config\n/api/configuration\n/settings\n/setting\n/api/settings\n/api/setting\n/preferences\n/preference\n/api/preferences\n/api/preference\n/options\n/api/options\n\n# === DATABASE & STORAGE ===\n/db\n/database\n/api/db\n/api/database\n/storage\n/api/storage\n/cache\n/api/cache\n/redis\n/api/redis\n/mongo\n/api/mongo\n/mysql\n/api/mysql\n/postgres\n/api/postgres\n\n# === INTEGRATION & WEBHOOKS ===\n/webhook\n/webhooks\n/api/webhook\n/api/webhooks\n/callback\n/callbacks\n/api/callback\n/api/callbacks\n/integration\n/integrations\n/api/integration\n/api/integrations\n/connect\n/api/connect\n/sync\n/api/sync\n\n# === DOCUMENTATION ===\n/docs\n/doc\n/documentation\n/api-docs\n/api-doc\n/apidocs\n/apidoc\n/api/docs\n/api/doc\n/swagger\n/swagger-ui\n/api/swagger\n/openapi\n/openapi.json\n/swagger.json\n/swagger.yaml\n/api.json\n/api.yaml\n/spec\n/specs\n/api/spec\n/api/specs\n/schema\n/schemas\n/api/schema\n/api/schemas\n\n# === DEVELOPMENT & TESTING ===\n/dev\n/develop\n/development\n/api/dev\n/api/develop\n/api/development\n/test\n/testing\n/tests\n/api/test\n/api/testing\n/api/tests\n/sandbox\n/api/sandbox\n/demo\n/api/demo\n/staging\n/api/staging\n/stage\n/api/stage\n/beta\n/api/beta\n/alpha\n/api/alpha\n/preview\n/api/preview\n\n# === ERROR HANDLING & DEBUGGING ===\n/debug\n/api/debug\n/error\n/errors\n/api/error\n/api/errors\n/exception\n/exceptions\n/api/exception\n/api/exceptions\n/trace\n/api/trace\n\n# === SECURITY & AUDIT ===\n/security\n/api/security\n/audit\n/auditing\n/api/audit\n/api/auditing\n/compliance\n/api/compliance\n/policy\n/policies\n/api/policy\n/api/policies\n\n# === BACKUP & RECOVERY ===\n/backup\n/backups\n/api/backup\n/api/backups\n/restore\n/api/restore\n/recovery\n/api/recovery\n/snapshot\n/snapshots\n/api/snapshot\n/api/snapshots\n\n# === MONITORING & ALERTING ===\n/monitor\n/monitoring\n/api/monitor\n/api/monitoring\n/observe\n/api/observe\n/watch\n/api/watch\n\n# === SOCIAL & COMMUNITY ===\n/social\n/api/social\n/community\n/api/community\n/forum\n/forums\n/api/forum\n/api/forums\n/comment\n/comments\n/api/comment\n/api/comments\n/review\n/reviews\n/api/review\n/api/reviews\n/rating\n/ratings\n/api/rating\n/api/ratings\n/like\n/likes\n/api/like\n/api/likes\n/follow\n/follows\n/api/follow\n/api/follows\n/share\n/api/share\n\n# === GEOLOCATION & MAPPING ===\n/geo\n/geography\n/api/geo\n/api/geography\n/location\n/locations\n/api/location\n/api/locations\n/map\n/maps\n/mapping\n/api/map\n/api/maps\n/api/mapping\n/place\n/places\n/api/place\n/api/places\n/address\n/addresses\n/api/address\n/api/addresses\n/coordinate\n/coordinates\n/api/coordinate\n/api/coordinates\n\n# === TIME & DATE ===\n/time\n/api/time\n/date\n/dates\n/api/date\n/api/dates\n/datetime\n/api/datetime\n/timezone\n/timezones\n/api/timezone\n/api/timezones\n/calendar\n/api/calendar\n/schedule\n/schedules\n/api/schedule\n/api/schedules\n\n# === IOT & DEVICE MANAGEMENT ===\n# Perfect for companies like Wyze\n/device\n/devices\n/api/device\n/api/devices\n/iot\n/api/iot\n/sensor\n/sensors\n/api/sensor\n/api/sensors\n/camera\n/cameras\n/api/camera\n/api/cameras\n/smart\n/api/smart\n/home\n/api/home\n/automation\n/api/automation\n/control\n/controls\n/api/control\n/api/controls\n\n# === AI & MACHINE LEARNING ===\n/ai\n/artificial-intelligence\n/api/ai\n/ml\n/machine-learning\n/api/ml\n/api/machine-learning\n/model\n/models\n/api/model\n/api/models\n/predict\n/prediction\n/predictions\n/api/predict\n/api/prediction\n/api/predictions\n/train\n/training\n/api/train\n/api/training\n/inference\n/api/inference\n\n# === BLOCKCHAIN & CRYPTO ===\n/crypto\n/cryptocurrency\n/api/crypto\n/api/cryptocurrency\n/blockchain\n/api/blockchain\n/bitcoin\n/api/bitcoin\n/ethereum\n/api/ethereum\n/wallet\n/wallets\n/api/wallet\n/api/wallets\n/transaction\n/transactions\n/api/transaction\n/api/transactions\n\n# === GAME & ENTERTAINMENT ===\n/game\n/games\n/gaming\n/api/game\n/api/games\n/api/gaming\n/player\n/players\n/api/player\n/api/players\n/score\n/scores\n/api/score\n/api/scores\n/leaderboard\n/leaderboards\n/api/leaderboard\n/api/leaderboards\n/achievement\n/achievements\n/api/achievement\n/api/achievements\n\n# === FRAMEWORK SPECIFIC ===\n# WordPress\n/wp-json\n/wp-json/wp/v2\n/wp-json/wc/v1\n/wp-json/wc/v2\n/wp-json/wc/v3\n/wp-admin/admin-ajax.php\n\n# Drupal\n/jsonapi\n/rest\n/api/v1\n\n# Laravel\n/api\n/api/v1\n\n# Django\n/api/v1\n/api/v2\n\n# Express.js\n/api\n/api/v1\n\n# Spring Boot\n/api\n/api/v1\n/actuator\n\n# ASP.NET\n/api\n/api/v1\n/odata\n\n# Ruby on Rails\n/api/v1\n/api/v2\n\n# PHP\n/api.php\n/index.php/api\n/api/index.php\n\n# ASP Classic\n/api.asp\n/api.aspx\n/service.asmx\n\n# Java\n/api.jsp\n/rest\n/webapi\n\n# === CLOUD & INFRASTRUCTURE ===\n/cloud\n/api/cloud\n/infrastructure\n/api/infrastructure\n/compute\n/api/compute\n/network\n/api/network\n/cdn\n/api/cdn\n\n# === LEGACY & DEPRECATED ===\n/legacy\n/api/legacy\n/old\n/api/old\n/deprecated\n/api/deprecated\n/archive\n/api/archive\n/v0\n/api/v0\n\n# === CUSTOM & EXPERIMENTAL ===\n/custom\n/api/custom\n/experimental\n/api/experimental\n/lab\n/labs\n/api/lab\n/api/labs\n\n# === ADDITIONAL COMMON PATTERNS ===\n/endpoint\n/endpoints\n/api/endpoint\n/api/endpoints\n/gateway\n/api/gateway\n/proxy\n/api/proxy\n/bridge\n/api/bridge\n/hub\n/api/hub\n/feed\n/feeds\n/api/feed\n/api/feeds\n/stream\n/streams\n/api/stream\n/api/streams\n\n# === PATH VARIATIONS ===\n/public\n/private\n/internal\n/external\n/secure\n/insecure\n/protected\n/unprotected";Expand description
API endpoint paths (846 paths)