Escape review

What middleBrick covers

  • Black-box API scanning with risk score and prioritized findings.
  • 12 detection categories aligned to the OWASP API Top 10, with LLM adversarial testing.
  • OpenAPI 3.x and Swagger 2.0 parsing with spec-to-runtime cross-check.
  • Authenticated scanning with header allowlist and domain verification.
  • CI/CD integration via GitHub Action and MCP Server for AI assistants.
  • Continuous monitoring with diff detection and configurable alerting.

Overview and scope

This tool is a self-service API security scanner that accepts a URL and returns a risk score with prioritized findings. It performs black-box scanning, requiring no agents, SDKs, or code access, and supports any language, framework, or cloud. Scans complete in under a minute using read-only methods (GET and HEAD) and text-only POST for LLM probes.

Detection coverage and compliance mapping

The scanner evaluates 12 categories aligned to the OWASP API Top 10 (2023), including Authentication bypass, BOLA and IDOR, BFLA and privilege escalation, Property Authorization over-exposure, Input Validation, Rate Limiting and Resource Consumption, Data Exposure, Encryption, SSRF, Inventory Management, Unsafe Consumption, and LLM / AI Security. Findings map directly to PCI-DSS 4.0, SOC 2 Type II, and OWASP API Top 10. For other regulatory frameworks, the tool helps you prepare audit evidence by aligning findings with the security controls those standards describe.

  • Authentication — multi-method bypass, JWT misconfigurations such as alg=none or HS256, expired or missing claims, and sensitive data in claims.
  • BOLA / IDOR — sequential ID enumeration and active adjacent-ID probing.
  • BFLA / Privilege Escalation — admin endpoint probing and role or permission field leakage.
  • Property Authorization — over-exposure and internal field leakage, including mass-assignment surface.
  • Input Validation — CORS wildcard configurations (with and without credentials), dangerous HTTP methods, and debug endpoints.
  • Rate Limiting & Resource Consumption — detection of rate-limit headers, oversized responses, and unpaginated arrays.
  • Data Exposure — PII patterns including email, Luhn-validated card numbers, context-aware SSN, and API key formats such as AWS, Stripe, GitHub, and Slack.
  • Encryption — HTTPS redirect, HSTS, cookie flags, and mixed content.
  • SSRF — URL-accepting parameters and body fields, internal IP detection, and active IP-bypass probes.
  • Inventory Management — missing versioning, legacy path patterns, and server fingerprinting.
  • Unsafe Consumption — excessive third-party URLs and webhook/callback surface.
  • LLM / AI Security — 18 adversarial probes across Quick, Standard, and Deep tiers, targeting system prompt extraction, instruction override, DAN and roleplay jailbreaks, data exfiltration, cost exploitation, encoding bypass, translation-embedded injection, few-shot poisoning, markdown injection, multi-turn manipulation, indirect prompt injection, token smuggling, tool-abuse, nested instruction injection, and PII extraction.
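
A passive check for the JWT issues named in the Authentication item above, as an added example (not middleBrick's code): the token is decoded without verifying its signature, then its header and claims are inspected. The names `auditJwt` and `SENSITIVE_CLAIM`, the required-claim set (`exp`, `iss`, `aud`) and the sample token are assumptions made for illustration.

```javascript
// Passive JWT audit: decode only, never verify. Reports header and claim issues.
// Assumptions: required claims are exp/iss/aud; sensitive names match the regex below.
const SENSITIVE_CLAIM = /pass(word)?|secret|ssn|card|api[_-]?key/i;

function decodePart(part) {
  const value = JSON.parse(Buffer.from(part, 'base64url').toString('utf8'));
  if (value === null || typeof value !== 'object') throw new Error('not a JSON object');
  return value;
}

function auditJwt(token, nowSeconds = Math.floor(Date.now() / 1000)) {
  const parts = token.split('.');
  if (parts.length !== 3) return ['malformed: expected three dot-separated parts'];
  let header, claims;
  try {
    header = decodePart(parts[0]);
    claims = decodePart(parts[1]);
  } catch {
    return ['malformed: header or payload is not base64url-encoded JSON'];
  }
  const findings = [];
  const alg = String(header.alg ?? '').toLowerCase();
  if (alg === '' || alg === 'none') {
    findings.push('alg=none: token is unsigned');
  } else if (parts[2] === '') {
    findings.push('empty signature with alg=' + header.alg);
  }
  if (alg === 'hs256') findings.push('HS256: symmetric key, review secret strength and sharing');
  if (typeof claims.exp !== 'number') findings.push('missing exp claim');
  else if (claims.exp <= nowSeconds) findings.push('expired token');
  for (const name of ['iss', 'aud']) {
    if (!(name in claims)) findings.push('missing ' + name + ' claim');
  }
  for (const name of Object.keys(claims)) {
    if (SENSITIVE_CLAIM.test(name)) findings.push('sensitive data in claim: ' + name);
  }
  return findings;
}

// Constructed sample token (not from a real system): unsigned, expired, leaks a password.
const b64 = (obj) => Buffer.from(JSON.stringify(obj)).toString('base64url');
const SAMPLE_TOKEN = [
  b64({ alg: 'none', typ: 'JWT' }),
  b64({ sub: '42', exp: 1700000000, iss: 'demo', password: 'hunter2' }),
  '',
].join('.');

console.log(auditJwt(SAMPLE_TOKEN, 1800000000));
```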

OpenAPI analysis and authenticated scanning

The scanner parses OpenAPI 3.0, 3.1, and Swagger 2.0 specs with recursive $ref resolution, cross-referencing definitions against runtime findings such as undefined security schemes, sensitive fields, deprecated operations, and missing pagination. Authenticated scanning (available from Starter tier upward) supports Bearer, API key, Basic auth, and Cookie, with a domain verification gate that requires proof of ownership via a DNS TXT record or an HTTP well-known file. Only a limited set of headers is forwarded, including Authorization, X-API-Key, Cookie, and X-Custom-*.

Product features, monitoring, and pricing

The Web Dashboard provides scan management, report viewing, score trend tracking, and downloadable branded compliance PDFs. The CLI, distributed as an npm package, supports commands such as middlebrick scan <url> with JSON or text output. A GitHub Action is available for CI/CD gating, failing builds when the score drops below a defined threshold. The MCP Server enables scanning from AI coding assistants such as Claude and Cursor.

Continuous monitoring in Pro tier includes scheduled rescans at intervals of 6 hours, daily, weekly, or monthly, diff detection across scans for new or resolved findings and score drift, rate-limited email alerts of up to 1 per hour per API, and HMAC-SHA256 signed webhooks that auto-disable after 5 consecutive failures. Enterprise tier adds unlimited APIs, custom rules, SSO, audit logs, SLA, and dedicated support.
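
How a receiver might check an HMAC-SHA256 signed webhook, as an added example (not middleBrick's code or documented format). It assumes the signature is the lowercase hex HMAC-SHA256 of the raw request body under a shared secret; the function names, secret and payload are constructed for illustration.

```javascript
// Receiver-side verification of an HMAC-SHA256 signed webhook.
// Assumption: signature = lowercase hex of HMAC-SHA256(secret, raw request body).
const crypto = typeof require === 'function'
  ? require('node:crypto')                   // file loaded as CommonJS
  : process.getBuiltinModule('node:crypto'); // file loaded as an ES module

function sign(rawBody, secret) {
  return crypto.createHmac('sha256', secret).update(rawBody).digest('hex');
}

function verifyWebhook(rawBody, signatureHex, secret) {
  // Reject anything that is not exactly 64 lowercase hex characters.
  if (typeof signatureHex !== 'string' || !/^[0-9a-f]{64}$/.test(signatureHex)) {
    return false;
  }
  const expected = Buffer.from(sign(rawBody, secret), 'hex');
  const received = Buffer.from(signatureHex, 'hex');
  // Constant-time comparison; both buffers are 32 bytes at this point.
  return crypto.timingSafeEqual(expected, received);
}

// Constructed sample delivery and secret (not a real payload format).
const SECRET = 'constructed-demo-secret';
const BODY = '{"event":"scan.diff","new_findings":2,"score":71}';
const GOOD_SIG = sign(BODY, SECRET);

function demo() {
  return {
    intact: verifyWebhook(BODY, GOOD_SIG, SECRET),
    // Parsing and re-serializing changes the bytes, so the check must use the raw body.
    reserialized: verifyWebhook(JSON.stringify(JSON.parse(BODY), null, 2), GOOD_SIG, SECRET),
    wrongSecret: verifyWebhook(BODY, GOOD_SIG, 'some-other-secret'),
  };
}

console.log(demo());
```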

  • Free — 3 scans per month and CLI access.
  • Starter — 15 APIs, monthly scans, dashboard, email alerts, and MCP Server at 99 USD per month.
  • Pro — 100 APIs (+7 USD per additional), continuous monitoring, GitHub Action gates, CI/CD integration, Slack/Teams alerts, compliance reports, and signed webhooks at 499 USD per month.
  • Enterprise — unlimited APIs with custom rules, SSO, audit logs, SLA, and dedicated support at 2000 USD per month.

Safety posture and limitations

The scanner uses read-only methods only and never sends destructive payloads. Private IPs, localhost, and cloud metadata endpoints are blocked at multiple layers. Customer scan data is deletable on demand and purged within 30 days of cancellation; data is never sold and is not used for model training.

The tool does not fix, patch, block, or remediate issues; it detects and reports with remediation guidance. It does not perform active SQL injection or command injection testing, which falls outside its non-intrusive scope. It does not detect business logic vulnerabilities, blind SSRF (due to lack of out-of-band infrastructure), or replace a human pentester for high-stakes audits. Detection capabilities are bounded by its black-box methodology and are not guaranteed to surface every class of issue.

Frequently Asked Questions

What does the scanner map findings to?
It maps findings directly to PCI-DSS 4.0, SOC 2 Type II, and OWASP API Top 10 (2023).

Can I authenticate my scans?
Yes, authenticated scanning is supported from Starter tier onward with Bearer, API key, Basic auth, and Cookie, subject to domain verification.

How are LLM security probes categorized?
LLM / AI Security is evaluated across three scan tiers (Quick, Standard, Deep) using 18 adversarial probes covering prompt extraction, jailbreaks, data exfiltration, and token smuggling.

Does the scanner provide remediation?
No. The tool detects and reports findings with remediation guidance but does not fix, patch, or block issues.

What happens to my scan data after cancellation?
Customer scan data is deletable on demand and purged within 30 days of cancellation. It is never sold or used for model training.