Migrating from 42Crunch to middleBrick for Framework version upgrade audit

What middleBrick covers

  • Black-box scanning with no agents or code access
  • Risk score A–F with prioritized findings
  • Authentication support for Bearer, API key, Basic, Cookie
  • LLM adversarial probe coverage across three scan tiers
  • OpenAPI 3.0/3.1/Swagger 2.0 parsing with $ref resolution
  • Pro continuous monitoring and diff detection

Assessment scope and compatibility with framework upgrade audits

The migration from 42Crunch to middleBrick centers on validating security controls across framework revisions. middleBrick is a black-box API security scanner: you submit a target URL and it returns a risk score from A to F with prioritized findings. It supports OpenAPI 3.0, 3.1, and Swagger 2.0, resolving recursive $ref definitions and cross-referencing spec definitions against runtime behavior. The scanner operates read-only, using GET and HEAD plus text-only POST for LLM probes, and completes in under a minute. This makes it practical for repeated runs during framework version upgrade audits without disrupting production traffic.

Detection coverage aligned to audit frameworks

middleBrick maps findings to OWASP API Top 10 (2023), PCI-DSS 4.0, and SOC 2 Type II, which supports audit evidence for specific control objectives. Detection categories include authentication bypass, JWT misconfigurations such as alg=none and expired tokens, BOLA and IDOR via sequential ID enumeration, BFLA and privilege escalation through admin endpoint probing, and property authorization over-exposure. Input validation checks cover CORS wildcard usage and dangerous HTTP methods, while data exposure spans PII patterns, API key formats, and error leakage. Encryption checks validate HTTPS redirects, HSTS, and cookie flags. SSRF probes target URL-accepting parameters, and inventory checks identify missing versioning and legacy paths.

Authenticated scanning and credential handling during migration

For upgrade audits that require authenticated endpoints, middleBrick supports Bearer, API key, Basic auth, and Cookie authentication at the Starter tier and above. Domain verification is enforced through DNS TXT records or an HTTP well-known file, ensuring only the domain owner can scan with credentials. The scanner forwards a restricted allowlist of headers, including Authorization, X-API-Key, Cookie, and X-Custom-*, which limits exposure during testing. This approach allows you to validate authenticated attack surfaces across framework versions while maintaining strict header control.
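The header allowlist described above, as an added illustration of how a forwarding filter with a wildcard entry behaves (this is not middleBrick's own code; the allowlist entries come from the page, the matching logic and sample headers are constructed):

```python
import fnmatch

# Allowlist as stated on the page. HTTP header names are case-insensitive,
# so matching is done on the lowercased name; "x-custom-*" is a prefix wildcard.
ALLOWED_HEADER_PATTERNS = ("authorization", "x-api-key", "cookie", "x-custom-*")


def split_headers(headers: dict) -> tuple:
    """Return (forwarded, withheld): headers passed to the target, and names held back."""
    forwarded, withheld = {}, []
    for name, value in headers.items():
        key = name.lower()
        if any(fnmatch.fnmatchcase(key, pattern) for pattern in ALLOWED_HEADER_PATTERNS):
            forwarded[name] = value
        else:
            withheld.append(name)
    return forwarded, withheld


# Constructed sample of headers an operator might supply for an authenticated scan.
SAMPLE_HEADERS = {
    "Authorization": "Bearer <redacted>",
    "X-Custom-Tenant": "acme",
    "X-Forwarded-For": "10.0.0.5",       # not on the allowlist: withheld
    "Proxy-Authorization": "Basic xxxx",  # not on the allowlist: withheld
}

if __name__ == "__main__":
    kept, held = split_headers(SAMPLE_HEADERS)
    print("forwarded:", sorted(kept))
    print("withheld:", held)
```

Reviewing the withheld list before a scan is a quick way to confirm that nothing outside the allowlist (for example proxy credentials) would have been sent.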

Continuous monitoring and change detection across scan iterations

With Pro tier, scheduled rescans can run every 6 hours, daily, weekly, or monthly to track security posture through framework upgrades. Continuous monitoring provides diff detection between scans, highlighting new findings, resolved findings, and score drift. Email alerts are rate-limited to one per hour per API, and HMAC-SHA256 signed webhooks notify external systems with auto-disable after 5 consecutive failures. These features help you correlate security changes with framework modifications and provide timely evidence for review cycles.
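A receiving-side sketch of the two mechanisms described above, verifying an HMAC-SHA256 webhook signature in constant time and computing the between-scan diff (new findings, resolved findings, score drift). This is an added example, not middleBrick's code; the header name X-Signature, the hex-over-raw-body signature format, and the payload shape (a letter score plus findings with stable ids) are assumptions, and the sample scans are constructed.

```python
import hashlib
import hmac
import json
from typing import Optional

# Assumption: grades are the page's A-F scale; a larger index is a worse score.
GRADES = "ABCDEF"


def verify_signature(secret: bytes, body: bytes, signature_hex: str) -> bool:
    """Recompute HMAC-SHA256 over the raw request body and compare in constant time."""
    expected = hmac.new(secret, body, hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, signature_hex)


def diff_scans(previous: dict, current: dict) -> dict:
    """New/resolved finding ids and score drift (negative means the score got worse)."""
    prev_ids = {f["id"] for f in previous["findings"]}
    cur_ids = {f["id"] for f in current["findings"]}
    drift = GRADES.index(previous["score"]) - GRADES.index(current["score"])
    return {
        "new": sorted(cur_ids - prev_ids),
        "resolved": sorted(prev_ids - cur_ids),
        "score_drift": drift,
    }


def handle_webhook(secret: bytes, headers: dict, body: bytes, previous: dict) -> Optional[dict]:
    """Drop unsigned or mis-signed deliveries; otherwise return the diff against the last scan."""
    signature = headers.get("X-Signature", "")  # assumed header name
    if not verify_signature(secret, body, signature):
        return None
    return diff_scans(previous, json.loads(body))


# Constructed sample: the last stored scan and a freshly signed delivery.
SECRET = b"constructed-shared-secret"
PREVIOUS = {"score": "B", "findings": [{"id": "cors-wildcard"}, {"id": "missing-hsts"}]}
CURRENT_BODY = json.dumps(
    {"score": "D", "findings": [{"id": "missing-hsts"}, {"id": "jwt-alg-none"}]}
).encode()
GOOD_SIG = hmac.new(SECRET, CURRENT_BODY, hashlib.sha256).hexdigest()

if __name__ == "__main__":
    print(handle_webhook(SECRET, {"X-Signature": GOOD_SIG}, CURRENT_BODY, PREVIOUS))
```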

LLM security and advanced probe coverage for modern frameworks

The scanner includes LLM / AI Security testing with 18 adversarial probes across Quick, Standard, and Deep scan tiers. These probes cover system prompt extraction, instruction override, DAN and roleplay jailbreaks, data exfiltration attempts, cost exploitation, encoding bypass techniques such as base64 and ROT13, translation-embedded injection, few-shot poisoning, markdown injection, multi-turn manipulation, indirect prompt injection, token smuggling, tool-abuse patterns, nested instruction injection, and PII extraction. This breadth helps detect prompt-injection and model-manipulation risks that often surface during AI-assisted framework upgrades.

Operational considerations and limitations during migration

middleBrick does not fix, patch, block, or remediate findings; it reports with remediation guidance. It does not perform active SQL injection or command injection testing, nor does it detect business logic vulnerabilities that require domain context. Blind SSRF and out-of-band infrastructure checks are out of scope, and the tool does not replace a human pentester for high-stakes audits. Understanding these boundaries helps you plan supplementary testing where needed.

Frequently Asked Questions

Can middleBrick validate controls for PCI-DSS and SOC 2 during a framework upgrade audit?
Yes, findings are mapped to PCI-DSS 4.0 and SOC 2 Type II controls, providing evidence for specific audit objectives. The tool does not certify compliance.
How does authenticated scanning work without exposing sensitive credentials?
Authentication is enforced via domain verification, and only a restricted header allowlist is forwarded. Credential transmission remains confined to your environment, and scan data is deletable on demand.
What is the difference between Quick and Deep LLM scans?
Quick runs a subset of the 18 adversarial probes for surface-level issues, while Deep exercises the full set of probes across all tiers to test for prompt-injection, data exfiltration, and model manipulation risks.
Can continuous monitoring track security changes across framework versions?
Yes, Pro-tier scheduled rescans and diff detection highlight new findings, resolved items, and score drift, helping you correlate security shifts with framework upgrades.
Does middleBrick integrate with CI/CD for automated gate checks?
Yes, the GitHub Action can fail the build when the score drops below a defined threshold, enabling automated gating in your pipeline.