Dec 6, 2023

API Documentation Tips

When attempting to uncover hidden API documentation in a security testing environment, it’s crucial to systematically probe for potential endpoints. Below is a comprehensive list of various possible endpoints that can be used to discover API documentation: api-docs swagger-ui.html swagger/index.html docs apidocs api/swagger swagger-ui/ v2/api-docs swagger-resources swagger-resources/configuration/ui swagger-resources/configuration/security swagger-ui/index.html explorer/index.html api/v1/api-docs api/v2/api-docs api/v3/api-docs api/swagger.json api/swagger.yaml developer/docs developer/swagger-ui.html api/documentation api/v1/documentation documentation/swagger-ui.html api/v2/documentation/swagger documentation.html swagger-ui.html/v2/api-docs api/swagger-ui.html/docs swagger-ui.html/api-docs v3/api-docs/swagger-ui.html api/swagger-ui.html/v3 api-docs/swagger-ui.html swagger/api-docs swagger/v1/api-docs api/swagger/docs swagger/docs/api-docs api-docs/v1/swagger swagger.json swagger.yaml api/swagger.json/v2 api/swagger.yaml/v3 api/swagger/v2/docs.json api/swagger/v3/docs.yaml swagger/docs/v2 swagger/docs/v3 swagger-ui/v2/swagger.json swagger-ui/v3/swagger.yaml api/swagger-ui.json api/swagger-ui.yaml docs/swagger-ui.html docs/swagger.json docs/swagger.yaml swagger-ui/docs/swagger.json swagger-ui/docs/swagger.yaml swagger-ui/swagger/docs.json swagger-ui/swagger/docs.yaml api/swagger-ui/swagger.json api/swagger-ui/swagger.yaml swagger-ui.html/docs/json swagger-ui.html/docs/yaml swagger-ui.html/api/swagger.json swagger-ui.html/api/swagger.yaml developer/api-docs developer/swagger-ui dev/docs dev/swagger-ui dev/api-docs dev/swagger swagger-ui/dev/docs swagger-ui/dev/api-docs api/dev/docs/swagger-ui.html api/dev/swagger-ui api/dev/swagger api/swagger/dev/docs api/swagger/dev/api-docs swagger/dev/docs swagger/dev/api-docs dev/swagger.json dev/swagger.yaml dev/api/swagger.json dev/api/swagger.yaml swagger-ui/dev/swagger.json swagger-ui/dev/swagger.yaml dev/docs/swagger-ui.html dev/docs/swagger.json dev/docs/swagger.yaml swagger-ui/dev/docs.json swagger-ui/dev/docs.yaml swagger-ui/dev/swagger/docs.json swagger-ui/dev/swagger/docs.yaml api/swagger-ui/dev/swagger.json api/swagger-ui/dev/swagger.yaml swagger-ui.html/dev/docs/json swagger-ui.html/dev/docs/yaml swagger-ui.html/dev/api/swagger.json swagger-ui.html/dev/api/swagger.yaml documentation/api documentation/v1 documentation/v2 documentation/swagger-ui api/documentation/swagger api/documentation/v1 api/documentation/v2…

Lopseg

Bachelor of Engineering in Computer Engineering, dedicated to exploring the depths of cybersecurity. Security researcher and avid bug bounty participant.