-
Notifications
You must be signed in to change notification settings - Fork 6
Use Cases
Real-world scenarios for using Vespasian in security assessments and API discovery.
During authorized security assessments, clients often cannot provide API documentation. Vespasian crawls the target application with a headless browser, captures every API call the frontend makes, and produces specifications that describe the discovered endpoints, parameters, and response schemas.
vespasian scan https://app.example.com -H "Authorization: Bearer <token>" -o api.yamlPentesters already capture traffic in Burp Suite and mitmproxy during manual testing. Rather than re-crawling, Vespasian can import that traffic and generate specifications from work already done. This is especially useful for mobile application testing, where no browser crawl can observe the API calls.
vespasian import burp traffic.xml -o capture.json
vespasian generate rest capture.json -o api.yamlFor attack surface management, Vespasian identifies which API endpoints a web application exposes by executing its JavaScript and intercepting all outbound requests. The resulting specification can feed into further security testing tools that accept OpenAPI, GraphQL SDL, or WSDL input.
vespasian scan https://app.example.com -v -o api.yamlGenerate an API specification with Vespasian, then pass it directly to Hadrian for automated OWASP API Top 10 authorization testing. This creates a complete discover-then-test workflow.
vespasian scan https://app.example.com -o api.yaml
# Then pass api.yaml to HadrianVespasian is built by Praetorian. Learn more about the Praetorian Guard attack surface management platform. Licensed under Apache 2.0.