mschwager / route-detect

Find authentication (authn) and authorization (authz) security bugs in web application routes.
BSD 3-Clause "New" or "Revised" License

Add OpenAPI/Swagger JSON output subcommand #14

Open mschwager opened 10 months ago

mschwager commented 10 months ago

E.g. https://swagger.io/specification/

It'd be helpful to have a subcommand that can turn Semgrep JSON results into an OpenAPI/Swagger JSON spec. This spec file could then be used in DAST scanners or other tools that ingest this format. This would be a convenient way to analyze code, and turn this analysis into something widely used by other tools.

Gby56 commented 10 months ago

Had this same exact idea to feed into DAST, yeah. Maybe a good CLI prompt interface or some extra flags to tell the server/host URL, base path, etc.
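An added example of the conversion discussed in this issue, not route-detect's own code: it turns Semgrep-style JSON results into an OpenAPI 3.0 document, taking the server URL and base path as arguments and recording whether each route requires authentication. The rule ids, the `$ROUTE`/`$METHOD` metavariable names, the `sessionAuth` cookie scheme and the host are assumptions; only the `results[].check_id/path/start/extra.metavars` layout follows Semgrep's JSON output.

```python
import re

# Constructed sample shaped like Semgrep `--json` output. The rule ids and the
# $METHOD / $ROUTE metavariables are assumptions, not route-detect's actual rules.
SAMPLE = {"results": [
    {"check_id": "example.flask-route-authenticated", "path": "app/views.py",
     "start": {"line": 12}, "extra": {"metavars": {
         "$METHOD": {"abstract_content": "GET"},
         "$ROUTE": {"abstract_content": '"/users/<int:user_id>"'}}}},
    {"check_id": "example.flask-route-unauthenticated", "path": "app/views.py",
     "start": {"line": 30}, "extra": {"metavars": {
         "$METHOD": {"abstract_content": "POST"},
         "$ROUTE": {"abstract_content": '"/debug/reset"'}}}},
    {"check_id": "example.other-rule", "path": "app/x.py",
     "start": {"line": 1}, "extra": {"metavars": {}}},
]}

FLASK_PARAM = re.compile(r"<(?:[^:<>]+:)?([^<>]+)>")  # <int:id> or <id>

def semgrep_to_openapi(semgrep, server_url, base_path="", title="Discovered routes"):
    """Build an OpenAPI 3.0 document from route findings."""
    paths = {}
    for r in semgrep.get("results", []):
        mv = r.get("extra", {}).get("metavars", {})
        if "$ROUTE" not in mv:
            continue  # not a route finding, or the rule captured no path
        route = mv["$ROUTE"]["abstract_content"].strip("\"'")
        method = mv.get("$METHOD", {}).get("abstract_content", "GET").lower()
        names = FLASK_PARAM.findall(route)
        op = {
            "summary": f'{r["check_id"]} at {r["path"]}:{r["start"]["line"]}',
            "responses": {"default": {"description": "Not derived from source"}},
            # Empty list = the operation declares no auth requirement.
            "security": [] if r["check_id"].endswith("-unauthenticated")
                        else [{"sessionAuth": []}],
        }
        if names:  # OpenAPI requires every templated path segment to be declared
            op["parameters"] = [{"name": n, "in": "path", "required": True,
                                 "schema": {"type": "string"}} for n in names]
        paths.setdefault(FLASK_PARAM.sub(r"{\1}", route), {})[method] = op
    return {
        "openapi": "3.0.3",
        "info": {"title": title, "version": "0.0.0"},
        "servers": [{"url": server_url.rstrip("/") + base_path}],
        "paths": paths,
        "components": {"securitySchemes": {"sessionAuth": {
            "type": "apiKey", "in": "cookie", "name": "session"}}},
    }
```

Passing the result to `json.dumps` gives the spec file a DAST tool would ingest; the `summary` field keeps the rule id and source location so a scanner finding can be traced back to the code.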