Scan projects for APIs, URLs and environment variables
Project description
🔍 APIHunterX
Scan projects for APIs, SDKs, URLs, environment variables, and exposed secrets.
APIHunterX helps developers, security engineers, and DevOps teams quickly understand what external services a project uses and identify potential security issues.
Features
API Discovery
- Detect OpenAI usage
- Detect AWS SDK (boto3)
- Detect Anthropic
- Detect Stripe
- Detect Discord
- Detect Google Gemini
- Detect Tweepy
- Detect Requests / HTTPX
URL Discovery
Find API endpoints such as:
"https://api.openai.com/v1/chat/completions"
"https://api.github.com/repos"
"https://api.stripe.com/v1/customers"
Environment Variable Discovery
Detect:
os.getenv("OPENAI_API_KEY")
os.environ["AWS_SECRET_ACCESS_KEY"]
Scan:
.env
.env.local
.env.example
Secret Detection
Detect potentially exposed:
- OpenAI Keys
- GitHub Tokens
- AWS Access Keys
- Stripe Keys
Example:
OPENAI_KEY="sk-proj-xxxxxxxxxxxxxxxx"
Report Generation
Generate:
- TXT reports
- JSON reports
Installation
pip install apihunterx
Usage
Scan a Project
api-hunter scan .
JSON Output
api-hunter scan . --json
Example:
{
"services": [
"OpenAI",
"AWS"
],
"urls": [
"https://api.openai.com/v1/chat/completions"
],
"env_vars": [
"OPENAI_API_KEY"
]
}
Example Report
============================================================
API HUNTER REPORT
============================================================
SERVICES
----------------------------------------
- OpenAI
- AWS
API URLS
----------------------------------------
- https://api.openai.com/v1/chat/completions
ENV VARS
----------------------------------------
- OPENAI_API_KEY
- AWS_SECRET_ACCESS_KEY
SECRETS FOUND
----------------------------------------
- OpenAI: sk-proj-...
FILES SCANNED: 42
Supported SDKs
| Service | Package |
|---|---|
| OpenAI | openai |
| AWS | boto3 |
| Anthropic | anthropic |
| Stripe | stripe |
| Discord | discord |
| Gemini | google.generativeai |
| Tweepy | tweepy |
| Requests | requests |
| HTTPX | httpx |
Project Structure
api_hunter/
│
├── cli.py
├── scanner.py
├── detector.py
├── secret_detector.py
├── env_scanner.py
├── report.py
│
└── data/
Roadmap
v0.3.0
- FastAPI route discovery
- Flask route discovery
- requirements.txt scanning
- pyproject.toml analysis
v0.4.0
- Markdown report generation
- HTML reports
- Dependency graph generation
v1.0.0
- JavaScript support
- TypeScript support
- GitHub Action integration
- Security audit mode
Contributing
Pull requests, feature requests, and bug reports are welcome.
License
MIT License
Author
Samarth Patil
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file apihunterx-0.2.0.tar.gz.
File metadata
- Download URL: apihunterx-0.2.0.tar.gz
- Upload date:
- Size: 5.7 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.11.5
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
ee53653bd1eb6116967cd91185c5a751d0606cf5830d5ddeb19fd395683a2868
|
|
| MD5 |
d6fbcaaee22c7f6ee8fdd7b64bc19d38
|
|
| BLAKE2b-256 |
868e0fc86f82b0501e29837a01b4014e2f83a97f076a349bce8b471ea7f7a9e6
|
File details
Details for the file apihunterx-0.2.0-py3-none-any.whl.
File metadata
- Download URL: apihunterx-0.2.0-py3-none-any.whl
- Upload date:
- Size: 6.4 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.11.5
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
cac7bbb660631c541a35e6d3b2580331ac770816b77ae9ab17656fc3f9c3c767
|
|
| MD5 |
205319a898198729e1e970529af01549
|
|
| BLAKE2b-256 |
95690ebefb2c3f61b18dd09ea8f640de75f7b8060944b1e1661d666146a2d945
|