-
Notifications
You must be signed in to change notification settings - Fork 6
Architecture
Santiago Gimenez Ocano edited this page Jun 9, 2026
·
2 revisions
Vespasian uses a two-stage pipeline that separates traffic capture from specification generation.
- Capture once, generate many. Run different generators against the same capture without re-scanning.
- Debuggable. The capture file is inspectable JSON, isolating capture bugs from generation bugs.
- Composable. Import traffic from any source (browser crawls, proxy captures, mobile testing).
- Offline analysis. Generate specifications without network access, useful during limited engagement windows.
| Component | Purpose | Supported Types |
|---|---|---|
| Crawler | Captures HTTP traffic via one of two backends: a headless Chrome browser (go-rod, full JavaScript/SPA support, default) or a dependency-free stdlib net/http engine (--headless=false) |
Protocol-agnostic |
| Importers | Convert Burp Suite XML, HAR, and mitmproxy traffic to capture format | All three formats |
| Classifier | Separates API calls from static assets using heuristics | REST, GraphQL, WSDL |
| Prober | Enriches endpoints via active requests | OPTIONS, JSON schema, WSDL fetch, GraphQL introspection |
| Generator | Produces specification files from classified and probed traffic | OpenAPI 3.0, GraphQL SDL, WSDL |
cmd/vespasian/ CLI entry point
pkg/crawl/ Headless browser crawler + capture format
pkg/importer/ Traffic importers (Burp, HAR, mitmproxy)
pkg/classify/ API classification (REST, GraphQL, WSDL)
pkg/probe/ Endpoint probing (OPTIONS, schema, WSDL, GraphQL introspection)
pkg/generate/
├── rest/ OpenAPI 3.0 generation, path normalization, schema inference
├── graphql/ GraphQL SDL generation, introspection, traffic inference
└── wsdl/ WSDL generation, SOAP operation extraction
Vespasian is built by Praetorian. Learn more about the Praetorian Guard attack surface management platform. Licensed under Apache 2.0.