JSpider is a smart crawler for hidden endpoints. It crawls and extracts hidden API endpoints and URLs from JavaScript files and HTML source code — all directly in your browser.

A tool for detecting http request smuggling vulnerabilities.

This is a API Security Scanner with panel

A comprehensive Swagger UI version detection and vulnerability scanner written in Go.

Open source tool to perform vulnerability scanning using Python and NMAP.

a versatile tool inspired by Postman that simplifies the process of testing and exploring APIs.

一款针对 LLM 输入侧审查的精确逆向分析工具。自动定位 NewAPI、OneAPI 及任何实施基于字典规则进行 Prompt 过滤的 API 网关中的敏感关键词| A precision reverse-engineering tool for LLM input censorship. Automatically pinpoints blocked keywords in NewAPI, OneAPI, and any API gateways enforcing dictionary-based prompt filtering.

A Kali-friendly tool to scan for leaked or exposed API keys and identify which service they belong to, using over 1000 known patterns.

Advanced web crawler for recon, OSINT, API discovery, JS parsing & WAF-friendly crawling.