Understand what your OpenAPI/Swagger spec reveals about your attack surface — unauthenticated endpoints, PII-indicative schemas, exposed credentials, DNS and ASN intelligence, and actionable security findings.
Shown on the exported report header.
Common paths: /openapi.json · /v3/api-docs · /swagger.json · /api-docs
OFF skips certificate checks (self-signed or hostname mismatch). Use only for lab or internal APIs.