RhinoSecurityLabs / Swagger Ez

Licence: bsd-3-clause
A tool geared towards pentesting APIs using OpenAPI definitions.

Programming Languages

javascript
Swagger-EZ

We have a version hosted here: https://rhinosecuritylabs.github.io/Swagger-EZ/

Blog post: https://rhinosecuritylabs.com/application-security/simplifying-api-pentesting-swagger-files/

Setup

git clone https://github.com/RhinoSecurityLabs/Swagger-EZ.git

Open index.html in your browser.

Usage

Once the UI is loaded into the browser, we suggest pressing F12 to have the browser console open to watch for potential errors.

Configure your browser to use the proxy tool of your choice, e.g. Burp Suite.

Now you can insert the URL containing the Swagger 2.0 JSON or simply copy and paste an entire JSON Swagger 2.0 blob into the input field.

Pressing load will parse the JSON and load the input fields for the parameters that need to be filled out.

Fill out each parameter with some data and, when ready, press send.

You should see the site tree of your proxy filling up.
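
The load step above turns a Swagger 2.0 document into one set of input fields per operation. The following is an added example, not Swagger-EZ's own code, showing one way to build that inventory so you can check which operations and parameters a test run should cover. The function names, the `HOST` placeholder, the https fallback and the sample document are assumptions made for the example.

```javascript
// Added example, not Swagger-EZ source: list each Swagger 2.0 operation with its parameters.
const HTTP_METHODS = ["get", "put", "post", "delete", "options", "head", "patch"];
// Resolve a local reference such as "#/parameters/limit"; plain objects pass through.
function resolveRef(spec, obj) {
  if (!obj || typeof obj.$ref !== "string") return obj;
  if (!obj.$ref.startsWith("#/")) throw new Error("unsupported $ref: " + obj.$ref);
  return obj.$ref.slice(2).split("/")
    .map((part) => part.replace(/~1/g, "/").replace(/~0/g, "~"))
    .reduce((node, key) => {
      if (node == null || !(key in node)) throw new Error("dangling $ref: " + obj.$ref);
      return node[key];
    }, spec);
}

function listOperations(spec) {
  if (spec.swagger !== "2.0") throw new Error("expected a Swagger 2.0 document");
  // Assumption: fall back to https and a placeholder host when the document omits them.
  const scheme = (spec.schemes && spec.schemes[0]) || "https";
  const base = scheme + "://" + (spec.host || "HOST") + (spec.basePath || "").replace(/\/$/, "");
  const operations = [];
  for (const [path, item] of Object.entries(spec.paths || {})) {
    const shared = (item.parameters || []).map((p) => resolveRef(spec, p));
    for (const method of HTTP_METHODS) {
      if (!item[method]) continue;
      const own = (item[method].parameters || []).map((p) => resolveRef(spec, p));
      // Operation-level parameters override path-level ones with the same name and location.
      const merged = new Map();
      for (const p of [...shared, ...own]) merged.set(p.in + ":" + p.name, p);
      const parameters = [...merged.values()].map((p) => ({
        name: p.name, in: p.in, required: p.required === true,
        type: p.in === "body" ? "body" : p.type,
      }));
      operations.push({ method: method.toUpperCase(), url: base + path, parameters });
    }
  }
  return operations;
}
// Constructed sample document (hypothetical host and paths).
const sampleSpec = {
  swagger: "2.0", host: "api.example.test", basePath: "/v1", schemes: ["https"],
  parameters: { limit: { name: "limit", in: "query", type: "integer" } },
  paths: { "/pets/{id}": {
    parameters: [{ name: "id", in: "path", required: true, type: "string" }],
    get: { parameters: [{ $ref: "#/parameters/limit" }] },
    put: { parameters: [{ name: "id", in: "path", required: true, type: "integer" },
                        { name: "body", in: "body", schema: { type: "object" } }] },
  } },
};
console.log(JSON.stringify(listOperations(sampleSpec), null, 2));
```

Comparing this list against the proxy's site tree after pressing send shows which operations never produced a request.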