One tool for API recon: preflight defenses, capture real traffic, extract a usable spec.
Project description
apisniff
One tool for API recon: preflight defenses, capture real traffic, extract a usable spec.
What you get
- Probe a URL in 10 seconds, classify 25+ vendor products (Cloudflare, Akamai, DataDome, PerimeterX, Imperva, Kasada, and more)
- Browse a site through a local proxy. Noise is filtered automatically; you keep only API calls.
- Import HAR files or Burp Suite exports for offline analysis
- Generate an OpenAPI spec from captured traffic with schema inference and example values
- Replay captured calls against the live API and see what changed
- Export safely: derived artifacts only, no raw traffic, no credentials
Install
pip install apisniff
# or
pipx install apisniff
# or
uv tool install apisniff
Requires Python 3.12+.
Quick Start
# Check what defenses a site has
apisniff probe example.com
# Capture live traffic (opens Chrome + proxy)
apisniff recon example.com
# Generate an API spec from the capture
apisniff spec example.com -o spec.yaml
# Replay captured calls to detect drift
apisniff replay example.com
# Export a safe, shareable summary
apisniff share example.com
Commands
| Command | Purpose | Docs |
|---|---|---|
probe |
Defense preflight: assess defenses, detect vendors, check rate limits | Reference → |
recon |
Capture + classify: browse through proxy, filter noise, generate report | Reference → |
analyze |
Offline analysis: import HAR, Burp XML, or JSONL captures | Reference → |
replay |
Replay captured calls and detect API drift | Reference → |
spec |
Generate OpenAPI 3.0.3 from captured traffic | Reference → |
share |
Export shareable summary (no raw traffic, no credentials) | Reference → |
Every command supports --help for full flag documentation. See the CLI spec for output format contracts and conventions.
Guides
- Getting started: install to API map in 5 minutes
- Workflow recipes: map an API, check for drift, compare defenses
- Capture formats: HAR, Burp XML, JSONL explained
Important Warnings
Your IP address is exposed
This tool sends real HTTP requests from your IP. Aggressive or repeated probing can get you rate-limited or blocked. apisniff probe rate fires 20 rapid requests, so use it deliberately. Route through --proxy if you don't want to expose your IP.
Results reflect your IP's reputation. Residential IPs see fewer challenges than datacenter/cloud IPs. Use --proxy to compare results from different vantage points.
Capture files contain sensitive data
recon and analyze capture full HTTP traffic including cookies, auth tokens, API keys, and form submissions. Raw bundles are stored locally with owner-only permissions and are never safe to share, commit, or upload.
Use apisniff share to create a safe export with only derived artifacts.
About the mitmproxy certificate
recon requires trusting mitmproxy's CA certificate (one-time macOS Keychain setup). The proxy runs locally on 127.0.0.1; only traffic explicitly routed through port 8080 is intercepted. Regular browsing and apps are unaffected.
What to do with the spec
# Generate a client library
openapi-generator generate -i spec.yaml -g python -o client/
# Import into Postman: File → Import → select spec.yaml
# Feed to an LLM
cat spec.yaml | llm "write a Python client for this API"
Development
git clone https://github.com/4LAU/apisniff.git
cd apisniff
uv sync --dev
uv run pytest tests/ -v
uv run ruff check .
To regenerate command reference docs after changing CLI flags:
uv run python scripts/generate_command_docs.py
License
MIT
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file apisniff-0.1.0.tar.gz.
File metadata
- Download URL: apisniff-0.1.0.tar.gz
- Upload date:
- Size: 137.4 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: uv/0.11.14 {"installer":{"name":"uv","version":"0.11.14","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Ubuntu","version":"24.04","id":"noble","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":true}
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
20aa682f27dec50b7fce6d9ba78f2d0cfcabc06bd4c44790eac35a4976737779
|
|
| MD5 |
98bdb5fd56fa252e1b24848e90b311eb
|
|
| BLAKE2b-256 |
dee9ad4972e3ce024a8682c0a1a7581bffb4486e948f1f2ca9c190769d9598c2
|
File details
Details for the file apisniff-0.1.0-py3-none-any.whl.
File metadata
- Download URL: apisniff-0.1.0-py3-none-any.whl
- Upload date:
- Size: 53.0 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: uv/0.11.14 {"installer":{"name":"uv","version":"0.11.14","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Ubuntu","version":"24.04","id":"noble","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":true}
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
fa5548214b7026c9e27404b287bf11d34877607e3b35ab81816814bb4ca4281c
|
|
| MD5 |
d34d8bcbdcd380b49abdbcf8fc3212b2
|
|
| BLAKE2b-256 |
1ca71c07f48f44c1771036e27fb453672588ed7b08643113ef18c72f4455b1f6
|
