Swagger Jacker is an audit tool designed to improve inspection of unintentionally exposed OpenAPI definition files.
Efficiently auditing OpenAPI definition files is crucial for effective attack surface management. Since APIs can have hundreds of defined routes and manual testing is time-consuming, penetration testers can get bogged down auditing API endpoints after the discovery of a publicly hosted specification file. This is where Swagger Jacker comes in. Swagger Jacker aims to solve this problem by improving inspection of unintentionally exposed OpenAPI definition files.
With Swagger Jacker, penetration testers can:
As a member of the Bishop Fox Cosmos team, Tony focuses on the continuous testing of clients' public-facing attack surfaces. Prior to joining Bishop Fox, Tony served in the U.S. Air Force as a Senior Operator and Technical Lead of a Department of Defense Red Team. In 2023, Tony successfully transitioned from military service to the civilian workforce through the Skillbridge program. He holds a B.S. in Cybersecurity from University of Maryland Global Campus.
Dec 12, 2023
Introducing Swagger Jacker: Auditing OpenAPI Definition Files
By Tony West
Swagger Jacker: Improved Auditing of OpenAPI Definition Files
Discover the power of Swagger Jacker, an open-source audit tool designed to improve inspection of unintentionally exposed OpenAPI definition files for penetration testers.