web-application-mapping

What problem does it solve?

Thoroughly understanding a web application's structure, endpoints, and underlying technologies is crucial but time-consuming before any security testing can begin. This Skill automates the entire reconnaissance and mapping process, providing a complete attack surface inventory without manual effort.

Core Features & Use Cases

• Comprehensive Endpoint Discovery: Actively scans for directories, files, APIs (REST, GraphQL), and uses headless browsers to map JavaScript-rendered pages and SPAs.
• Technology Stack Identification: Catalogs all dependencies, frameworks, and libraries, generating a Software Bill of Materials (SBOM).
• Attack Surface Analysis: Consolidates all discovered data to categorize and prioritize attack surfaces for subsequent vulnerability testing.
• Use Case: Before a major security audit, use this Skill to automatically generate a complete, up-to-date map of your web application, including all hidden endpoints and client-side routes, ensuring no part of the application is overlooked during testing.

Quick Start

Perform a comprehensive web application mapping for example.com, including active scanning, API discovery, and JavaScript mapping.