salvacybersec/keyhunter
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

docs(16-03): complete Postman, SwaggerHub, RapidAPI plan

Browse Source 
- SUMMARY with 2 tasks, 6 files, all tests passing
- STATE.md updated with progress and decisions
- REQUIREMENTS.md: RECON-API-01, RECON-API-02 marked complete
This commit is contained in:
salvacybersec
2026-04-06 16:45:50 +03:00
parent 297ad3dc2b
commit 3192cea9e3
3 changed files with 68 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
.planning/REQUIREMENTS.md
View File

@@ -199,8 +199,8 @@ Requirements for initial release. Each maps to roadmap phases.
### OSINT/Recon — API Marketplaces ### OSINT/Recon — API Marketplaces
- [ ] **RECON-API-01**: Postman public collections and workspaces scanning - [x] **RECON-API-01**: Postman public collections and workspaces scanning
- [ ] **RECON-API-02**: SwaggerHub published API scanning - [x] **RECON-API-02**: SwaggerHub published API scanning
### OSINT/Recon — Infrastructure ### OSINT/Recon — Infrastructure

12
.planning/STATE.md
View File

@@ -3,14 +3,14 @@ gsd_state_version: 1.0
milestone: v1.0 milestone: v1.0
milestone_name: milestone milestone_name: milestone
status: executing status: executing
stopped_at: Completed 15-03-PLAN.md stopped_at: Completed 16-03-PLAN.md
last_updated: "2026-04-06T13:37:48.053Z" last_updated: "2026-04-06T13:45:42.750Z"
last_activity: 2026-04-06 last_activity: 2026-04-06
progress: progress:
total_phases: 18 total_phases: 18
completed_phases: 14 completed_phases: 14
total_plans: 81 total_plans: 81
completed_plans: 80 completed_plans: 81
percent: 20 percent: 20
--- ---
@@ -99,6 +99,7 @@ Progress: [██░░░░░░░░] 20%
| Phase 14 P01 | 4min | 1 tasks | 14 files | | Phase 14 P01 | 4min | 1 tasks | 14 files |
| Phase 15 P01 | 3min | 2 tasks | 13 files | | Phase 15 P01 | 3min | 2 tasks | 13 files |
| Phase 15 P03 | 4min | 2 tasks | 11 files | | Phase 15 P03 | 4min | 2 tasks | 11 files |
| Phase 16 P03 | 2min | 2 tasks | 6 files |
## Accumulated Context ## Accumulated Context
@@ -148,6 +149,7 @@ Recent decisions affecting current work:
- [Phase 14]: RegisterAll extended to 45 sources (40 Phase 10-13 + 5 Phase 14 CI/CD); CircleCI gets dedicated CIRCLECI_TOKEN - [Phase 14]: RegisterAll extended to 45 sources (40 Phase 10-13 + 5 Phase 14 CI/CD); CircleCI gets dedicated CIRCLECI_TOKEN
- [Phase 15]: Discord/Slack use dorking approach (configurable search endpoint) since neither has public message search API - [Phase 15]: Discord/Slack use dorking approach (configurable search endpoint) since neither has public message search API
- [Phase 15]: Log aggregator sources are credentialless, targeting exposed instances - [Phase 15]: Log aggregator sources are credentialless, targeting exposed instances
- [Phase 16]: API marketplace sources (Postman, SwaggerHub, RapidAPI) all credentialless -- no API keys required
### Pending Todos ### Pending Todos
@@ -162,6 +164,6 @@ None yet.
## Session Continuity ## Session Continuity
Last session: 2026-04-06T13:32:52.610Z Last session: 2026-04-06T13:45:42.746Z
Stopped at: Completed 15-03-PLAN.md Stopped at: Completed 16-03-PLAN.md
Resume file: None Resume file: None

59
.planning/phases/16-osint_threat_intel_mobile_dns_api_marketplaces/16-03-SUMMARY.md Normal file
View File

@@ -0,0 +1,59 @@
---
phase: 16-osint-threat-intel-mobile-dns-api-marketplaces
plan: 03
subsystem: recon-sources
tags: [osint, api-marketplace, postman, swaggerhub, rapidapi, recon]
dependency_graph:
requires: [recon.ReconSource interface, sources.Client, BuildQueries, ciLogKeyPattern]
provides: [PostmanSource, SwaggerHubSource, RapidAPISource]
affects: [RegisterAll wiring]
tech_stack:
added: []
patterns: [credentialless API marketplace scanning, HTML scraping for RapidAPI, JSON API for Postman/SwaggerHub]
key_files:
created:
- pkg/recon/sources/postman.go
- pkg/recon/sources/postman_test.go
- pkg/recon/sources/swaggerhub.go
- pkg/recon/sources/swaggerhub_test.go
- pkg/recon/sources/rapidapi.go
- pkg/recon/sources/rapidapi_test.go
modified: []
decisions:
- All three sources are credentialless -- Postman and SwaggerHub have public APIs, RapidAPI is scraped
- RapidAPI uses HTML scraping approach since its internal search API is not stable
- SwaggerHub fetches full spec content after search to scan example values for keys
metrics:
duration: 2min
completed: 2026-04-06
tasks: 2
files: 6
---
# Phase 16 Plan 03: Postman, SwaggerHub, RapidAPI Sources Summary
API marketplace recon sources scanning public Postman collections, SwaggerHub API specs, and RapidAPI listings for hardcoded API keys in examples and documentation.
## Task Results
### Task 1: Postman and SwaggerHub sources
- **Commit:** edde02f
- **PostmanSource:** Searches via Postman internal search proxy (`/ws/proxy`) for key patterns in collection snippets
- **SwaggerHubSource:** Two-phase: search public specs, then fetch each spec and scan for keys in example values, server URLs, security scheme defaults
- **Tests:** 8 tests (Name, Enabled, Sweep with match, Sweep empty) for both sources
### Task 2: RapidAPI source
- **Commit:** 297ad3d
- **RapidAPISource:** Scrapes public search result pages for key patterns in code examples and descriptions
- **Confidence:** Set to "low" (HTML scraping is less precise than JSON API parsing)
- **Tests:** 4 tests (Name, Enabled, Sweep with match, Sweep clean HTML)
## Deviations from Plan
None -- plan executed exactly as written.
## Known Stubs
None. All three sources are fully functional with real API endpoint patterns.
## Self-Check: PASSED