
Swagger Jacker

Swagger Jacker is an audit tool designed to improve inspection of unintentionally exposed OpenAPI definition files.

About Swagger Jacker

Improved auditing of OpenAPI definition files.

Efficiently auditing OpenAPI definition files is crucial for effective attack surface management. Since APIs can have hundreds of defined routes and manual testing is time-consuming, penetration testers can get bogged down auditing API endpoints after the discovery of a publicly hosted specification file. Swagger Jacker aims to solve this problem by improving inspection of unintentionally exposed OpenAPI definition files.

With Swagger Jacker, penetration testers can:

  • Automate analysis of response codes for each API-defined route
  • Streamline manual testing capabilities with curl command creation
  • Gather endpoint routes

Adversarial Operator

Tony West

As a member of the Bishop Fox Cosmos team, Tony focuses on the continuous testing of clients' public-facing attack surfaces. Prior to joining Bishop Fox, Tony served in the U.S. Air Force as a Senior Operator and Technical Lead of a Department of Defense Red Team. In 2023, Tony successfully transitioned from military service to the civilian workforce through the Skillbridge program. He holds a B.S. in Cybersecurity from University of Maryland Global Campus.
