Undocumented endpoints

Undocumented APIs are APIs that are not properly documented and are therefore not part of the security testing process. Outdated documentation makes it difficult to find and/or fix vulnerabilities.

Finding undocumented APIs:

Akto auto-detects shadow endpoints (endpoints which are undocumented but used). To find shadow endpoints, do the following:
1. Update your API documentation by going to the Documented tab.
2. Click on Upload and upload your OpenAPI spec file here.
3. Click on Paths. You will see all the endpoints you uploaded from the Swagger file.
4. Go to the Undocumented tab and find all the endpoints which are undocumented but used.
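
The idea of an undocumented-but-used endpoint, shown as an added example (not Akto's implementation and not part of the original page): observed requests are matched against the templated paths and methods of an OpenAPI spec, and whatever fails to match is reported. The spec fragment, the traffic samples and the function names are constructed for illustration.

```python
import re

# Constructed OpenAPI fragment: only the "paths" object matters here.
SPEC = {"paths": {
    "/users": {"get": {}, "post": {}},
    "/users/{id}": {"get": {}, "delete": {}},
    "/orders/{orderId}/items": {"get": {}},
}}

# Constructed traffic sample: (method, path) pairs as a gateway log would give.
OBSERVED = [
    ("GET", "/users"),
    ("GET", "/users/42"),
    ("PUT", "/users/42"),                  # path documented, method is not
    ("GET", "/orders/9/items?expand=1"),
    ("GET", "/internal/debug"),            # absent from the spec entirely
    ("POST", "/users/"),
]

HTTP_METHODS = {"get", "put", "post", "delete", "patch", "head", "options", "trace"}

def compile_spec(spec):
    """Turn each templated path into (regex, set of documented methods)."""
    compiled = []
    for template, ops in spec.get("paths", {}).items():
        parts = re.split(r"(\{[^/{}]+\})", template)
        pattern = "".join("[^/]+" if p.startswith("{") else re.escape(p) for p in parts)
        methods = {m.upper() for m in ops if m.lower() in HTTP_METHODS}
        compiled.append((re.compile(pattern), methods))
    return compiled

def normalize(path):
    """Drop query string, fragment and trailing slash before comparing."""
    path = path.split("?", 1)[0].split("#", 1)[0]
    return path.rstrip("/") or "/"

def undocumented(spec, observed):
    """Return sorted (method, path) pairs seen in traffic but not in the spec."""
    compiled = compile_spec(spec)
    missing = set()
    for method, raw in observed:
        method, path = method.upper(), normalize(raw)
        if not any(rx.fullmatch(path) and method in ms for rx, ms in compiled):
            missing.add((method, path))
    return sorted(missing)

if __name__ == "__main__":
    for method, path in undocumented(SPEC, OBSERVED):
        print(method, path)
```

A documented path used with an undocumented method is reported as well, since the spec does not cover that operation.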