Alternatives to 42Crunch for new-endpoint auto-discovery scans

What middleBrick covers

  • Black-box endpoint discovery without agents or code access
  • Risk scoring with prioritized findings mapped to OWASP API Top 10
  • OpenAPI 3.x and Swagger 2.0 spec parsing with $ref resolution
  • Authenticated scans with strict header allowlists and domain verification
  • CI/CD integration via GitHub Action and programmatic API
  • Continuous monitoring with diff detection and scheduled rescans

Black-box scanning for endpoint discovery

middleBrick is a self-service API security scanner that performs black-box testing without requiring agents, SDKs, or code access. Submit a target URL and receive a risk score from A to F with prioritized findings. The scanner operates with read-only methods, including GET and HEAD, plus text-only POST for LLM probes. Scan completion typically occurs in under a minute, making it practical for continuous checks during development and pre-deployment phases.

Detection aligned to OWASP API Top 10 and related mappings

The scanner covers 12 security categories aligned to OWASP API Top 10 (2023). It detects authentication bypasses, JWT misconfigurations such as alg=none or expired tokens, BOLA and IDOR via sequential ID enumeration, BFLA and privilege escalation attempts, and property over-exposure. Additional categories include input validation issues like CORS wildcard usage, rate limiting and resource consumption signals, data exposure patterns including PII and API keys, encryption misconfigurations, SSRF indicators, and inventory management gaps. An LLM security tier probes for prompt injection, jailbreak techniques, and data exfiltration paths.

OpenAPI spec analysis and authenticated scanning

middleBrick parses OpenAPI 3.0, 3.1, and Swagger 2.0 documents with recursive $ref resolution. It cross-references spec definitions against runtime behavior to identify undefined security schemes, sensitive field exposure, deprecated operations, and missing pagination. For authenticated scans, supported methods include Bearer tokens, API keys, Basic auth, and cookies. Domain verification is enforced through DNS TXT records or HTTP well-known files, and the scanner only forwards a strict allowlist of headers to limit exposure.

Product features and integration options

The Web Dashboard centralizes scan management, report viewing, score trend tracking, and downloadable compliance PDFs. The CLI, distributed as an npm package, supports commands such as middlebrick scan <url> with JSON or text output. A GitHub Action can enforce CI/CD gates by failing builds when scores drop below configured thresholds. An MCP Server enables scanning from AI coding assistants, and a programmatic API supports custom integrations. Pro tier adds scheduled rescans, diff detection, email alerts, and signed webhooks.

Data handling, safety posture, and limitations

middleBrick follows a read-only safety posture, never sending destructive payloads. Internal infrastructure, private IPs, localhost, and cloud metadata endpoints are blocked at multiple layers. Customer scan data is deletable on demand and purged within 30 days of cancellation. The tool does not fix, patch, or block findings; it reports with remediation guidance. It does not perform active SQL injection or command injection testing, detect blind SSRF, or replace a human pentester for high-stakes audits.
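The two guard rails described above, the strict header allowlist from the authenticated-scanning section and the blocking of localhost, private ranges and cloud metadata endpoints, as an added Python example that is not middleBrick's own code. The allowlist contents, the metadata host set and the injectable resolver are assumptions made for this example; the check resolves every address a name points to and pins the result so a later DNS change cannot redirect the scan inward.

```python
import ipaddress
import socket
from urllib.parse import urlparse

# Constructed allowlist of request headers a scanner may forward to the target
# (an assumption for this example, not middleBrick's actual list).
FORWARDABLE_HEADERS = {"authorization", "x-api-key", "cookie", "accept", "user-agent"}

# Well-known cloud metadata endpoints; 169.254.169.254 is also caught by the
# link-local check below, so this set acts as a second layer.
METADATA_HOSTS = {"169.254.169.254", "metadata.google.internal"}


def filter_headers(headers):
    """Keep only allowlisted headers, matching names case-insensitively."""
    return {k: v for k, v in headers.items() if k.lower() in FORWARDABLE_HEADERS}


def is_blocked_address(ip):
    """True for loopback, RFC 1918/ULA, link-local, unspecified and reserved ranges."""
    if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped:
        ip = ip.ipv4_mapped  # ::ffff:10.0.0.1 must be judged as 10.0.0.1
    return (ip.is_loopback or ip.is_private or ip.is_link_local or ip.is_multicast
            or ip.is_reserved or ip.is_unspecified or str(ip) in METADATA_HOSTS)


def validate_target(url, resolver=socket.getaddrinfo):
    """Return (ok, reason, pinned_ip). The caller should connect to pinned_ip
    rather than re-resolving the name, so a DNS rebind after this check cannot
    point the scan at internal infrastructure."""
    parsed = urlparse(url)
    if parsed.scheme not in ("http", "https"):
        return False, "scheme not allowed", None
    host = parsed.hostname
    if not host:
        return False, "missing host", None
    if host == "localhost" or host.endswith(".localhost") or host in METADATA_HOSTS:
        return False, "blocked hostname", None
    try:
        addrs = {ipaddress.ip_address(host)}  # literal IP in the URL
    except ValueError:
        try:  # every A/AAAA record must pass, not just the first one returned
            infos = resolver(host, parsed.port or 443)
        except OSError:
            return False, "dns failure", None
        addrs = {ipaddress.ip_address(info[4][0]) for info in infos}
    for ip in addrs:
        if is_blocked_address(ip):
            return False, f"blocked address {ip}", None
    return True, "ok", str(sorted(addrs, key=str)[0])
```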

Frequently Asked Questions

Can middleBrick discover new API endpoints automatically?
Yes. The black-box scanner identifies surface area through read-only interactions and inference from responses, including hidden or deprecated routes.
Does the scanner validate compliance with GDPR or HIPAA?
middleBrick helps you prepare for audits by surfacing security findings and supports audit evidence collection. It does not certify compliance with GDPR, HIPAA, or other regulations.
How are scans authenticated without exposing credentials?
Authenticated scans use Bearer tokens, API keys, Basic auth, or cookies. Domain ownership is verified before credentials are accepted, and only a restricted header set is forwarded.
Can the tool be integrated into CI/CD pipelines?
Yes. The GitHub Action can fail builds based on score thresholds, and the CLI supports automated invocation with structured output for scripting.
What happens to scan data after account deletion?
Customer data is deletable on demand and fully purged within 30 days of cancellation. Data is never sold or used for model training.