
pentest-api-attacker

npx machina-cli add skill 0x-Professor/Agent-Skills-Hub/pentest-api-attacker --openclaw

Pentest API Attacker

Stage

  • PTES: 5
  • MITRE: T1190

Objective

Enumerate and test API endpoints and business logic attack vectors.

Required Workflow

  1. Validate scope before any active action and reject out-of-scope targets.
  2. Run only authorized checks aligned to PTES, OWASP WSTG, NIST SP 800-115, and MITRE ATT&CK.
  3. Write findings in canonical finding_schema format with reproducible PoC notes.
  4. Honor dry-run mode and require explicit --i-have-authorization for live execution.
  5. Export deterministic artifacts for downstream skill consumption.
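
One way to implement the gate that workflow steps 1 and 4 describe, as an added example and not code from api_attacker.py. The scope field names (`in_scope`, `out_of_scope`), the sample hosts and the function names are assumptions, since the project's scope_schema.json is not shown on this page; falling back to dry-run when authorization is missing is also a choice made here.

```python
import ipaddress
from urllib.parse import urlsplit

# Constructed scope document; the field names are assumptions, not the
# project's scope_schema.json.
SAMPLE_SCOPE = {
    "in_scope": ["api.example.test", "*.staging.example.test", "10.20.0.0/24"],
    "out_of_scope": ["admin.staging.example.test", "10.20.0.5"],
}


def _host_of(target):
    """Return the lower-cased host of a URL or bare host[:port] string."""
    parts = urlsplit(target if "//" in target else "//" + target)
    return (parts.hostname or "").lower().rstrip(".")


def _matches(host, entry):
    """True if host is covered by one scope entry (host, *.wildcard or CIDR)."""
    entry = entry.lower()
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        ip = None
    try:
        net = ipaddress.ip_network(entry, strict=False)
    except ValueError:
        net = None
    if ip is not None or net is not None:
        # IPs only match networks; never compare an IP against a hostname.
        return ip is not None and net is not None and ip in net
    if entry.startswith("*."):
        return host.endswith(entry[1:])  # "*.a.b" covers "x.a.b", not "a.b"
    return host == entry


def gate(target, scope, dry_run=True, authorized=False):
    """Decide what a run may do: 'reject', 'dry-run' or 'live'."""
    host = _host_of(target)
    if not host:
        return "reject"  # unparseable target: fail closed
    if any(_matches(host, e) for e in scope.get("out_of_scope", [])):
        return "reject"  # exclusions win over inclusions
    if not any(_matches(host, e) for e in scope.get("in_scope", [])):
        return "reject"  # default deny: unlisted targets are out of scope
    if dry_run or not authorized:
        return "dry-run"  # live execution needs both conditions
    return "live"
```

The host is taken from the parsed URL, not from a substring match, so a target whose userinfo part merely contains an in-scope name is still rejected.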

Execution

python skills/pentest-api-attacker/scripts/api_attacker.py --scope scope.json --target <target> --input <path> --output <path> --format json --dry-run

Outputs

  • api-endpoints.json
  • api-findings.json
  • api-attack-report.json

References

  • references/tools.md
  • skills/autonomous-pentester/shared/scope_schema.json
  • skills/autonomous-pentester/shared/finding_schema.json

Legal and Ethical Notice

WARNING: AUTHORIZED USE ONLY
This skill executes real security testing tools against live targets.
Use only with written authorization.

Source

git clone https://github.com/0x-Professor/Agent-Skills-Hub/blob/main/skills/pentest-api-attacker/SKILL.md

Overview

Automates enumeration and testing of API endpoints and business logic attack vectors. It aligns with PTES, MITRE, and OWASP guidelines to ensure authorized, scoped assessments. Results are produced as reproducible PoCs and canonical findings for audit-ready reporting.

How This Skill Works

Uses the api_attacker.py workflow to validate scope, execute authorized checks, and collect results. Outputs include api-endpoints.json, api-findings.json, and api-attack-report.json, with findings written in a canonical finding_schema format for reproducibility.

When to Use It

  • Before any live testing, verify scope and obtain written authorization; run in dry-run mode to validate coverage.
  • Enumerate API endpoints and surface attack vectors to map the attack surface of the target API.
  • Assess authentication, authorization, and protocol-specific controls in line with OWASP API Top 10 guidance.
  • Capture reproducible PoCs and canonical findings to support audit trails and remediation.
  • Export deterministic artifacts (endpoints, findings, and attack report) for downstream tooling.

Quick Start

  1. Prepare scope.json and target, then run the dry-run command: python skills/pentest-api-attacker/scripts/api_attacker.py --scope scope.json --target <target> --input <path> --output <path> --format json --dry-run
  2. Review api-endpoints.json and api-findings.json to confirm coverage and findings.
  3. If authorized for live testing, re-run with --i-have-authorization (no --dry-run) and save api-attack-report.json.

Best Practices

  • Always validate scope before any action and reject out-of-scope targets.
  • Run only authorized checks aligned to PTES, OWASP WSTG, NIST SP 800-115, and MITRE ATT&CK.
  • Write findings in the canonical finding_schema format with reproducible PoCs.
  • Use the dry-run mode first and require explicit --i-have-authorization for live testing.
  • Export deterministic artifacts (api-endpoints.json, api-findings.json, api-attack-report.json) for downstream use.

Example Use Cases

  • Enumerating API endpoints and mapping attack surfaces in a REST/GraphQL service.
  • Testing for auth abuse, insecure direct object references, and missing access controls.
  • Validating rate limits, input validation, and protocol headers in an API.
  • Detecting business-logic flaws that could leak data or bypass approvals.
  • Producing an audit-ready attack report with PoCs and artifacts.
