detecting-shadow-api-endpoints
CommunityExpose undocumented API endpoints quickly
System Documentation
What problem does it solve?
Shadow and undocumented API endpoints create hidden attack surfaces by operating outside of documentation and governance, allowing unauthenticated or poorly monitored access that can lead to data exposure and unauthorized actions. This Skill provides a structured approach to discover, inventory, and prioritize those endpoints so teams can close gaps in API visibility and monitoring.
Core Features & Use Cases
- Traffic vs Specification Comparison: Align observed API traffic with OpenAPI/Swagger specs to flag undocumented paths and parameterized routes.
- Repository and Cloud Mining: Find route definitions in source code and enumerate cloud API gateway, Lambda URLs, and ALB rules to detect orphaned or legacy endpoints.
- Risk Scoring & Reporting: Classify endpoints by authentication presence, traffic volume, status codes, and sensitive path patterns and produce a consolidated report for SOC or DevSecOps remediation.
- Use Case: A SOC analyst investigating suspicious API activity can run access log analysis, compare with exported OpenAPI specs, and generate a prioritized list of shadow endpoints for immediate mitigation.
Quick Start
Use this skill to scan your API access logs and OpenAPI specifications and produce a prioritized shadow API discovery report.
Dependency Matrix
Required Modules
None requiredComponents
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: detecting-shadow-api-endpoints Download link: https://github.com/Acczdy/MoZiSec/archive/main.zip#detecting-shadow-api-endpoints Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 471,000+ vetted skills library on demand.