discover api
Probe a base URL for common API paths (e.g. /openapi.json, /graphql, /.well-known/) and read response headers to fingerprint the server framework and language.
vulnapi discover api <URL> [flags]Accepts all common flags.
Output
Section titled “Output”The command prints two tables:
- Well-known paths — paths that returned a non-404 response, with their HTTP status codes.
- Fingerprints — detected technologies inferred from response headers (server, framework, language, etc.).
Examples
Section titled “Examples”Discover well-known paths and fingerprints
vulnapi discover api https://api.example.comPass an Authorization header
vulnapi discover api https://api.example.com \ -H "Authorization: Bearer <token>"Exit codes
Section titled “Exit codes”| Code | Meaning |
|---|---|
0 | Discovery completed successfully |
1 | Fatal error (invalid URL, network failure, etc.) |