Kiterunner is a robust tool for discovering hidden API endpoints, streamlining the process for bug bounty hunters. It utilizes structured wordlists from OpenAPI specifications to effectively fuzz and identify undocumented routes in both REST and GraphQL APIs. This guide offers a comprehensive overview of Kiterunner’s installation, usage, and advanced techniques for optimizing API reconnaissance efforts. Affected: APIs, Bug Bounty Hunters
Keypoints :
- Kiterunner is tailored for brute-forcing API endpoints with API-specific wordlists.
- It can discover hidden endpoints that might not be in official documentation.
- Works effectively with both REST and GraphQL APIs.
- The installation involves setting up Golang and cloning the Kiterunner repository.
- Scanning requires selecting the appropriate wordlist for optimal results.
- Support for authentication headers allows access to secured APIs.
- Concurrent requests can significantly speed up the scanning process.
- Results can be saved in a JSON file for analysis.
- Advanced usage includes fuzzing different HTTP methods and testing with various base paths.
- Kiterunner can be combined with other tools like Burp Suite for deeper analysis.
Full Story: https://infosecwriteups.com/api-endpoints-discovery-using-kiterunner-ded82e092543?source=rss—-7b722bfd1b8d—4