id: openapi info: name: OpenAPI - Detect author: pdteam,ynnirc severity: info description: OpenAPI was detected. reference: - https://www.openapis.org/ classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cvss-score: 0.0 cwe-id: CWE-200 tags: exposure,api requests: - method: GET path: - "{{BaseURL}}/openapi.json" matchers-condition: and matchers: - type: word words: - openapi - paths condition: and - type: word part: header words: - application/openapi+json - application/json condition: or - type: status status: - 200 # Enhanced by mp on 2023/02/05