Api Endpoint Disclosure

Detects and lists common backend or API endpoint filenames and configurations exposed on a website, such as .env, package.json, or serverless.yml, to identify potential security leaks.

Price

$0.005/call

Endpoint

GET /check

Base URL

https://api-endpoint-disclosure.apimesh.xyz

Try it

curl -X GET 'https://api-endpoint-disclosure.apimesh.xyz/check?target=example.com'

Use cases

security teams routinely scan client websites for exposed configuration files.
devops engineers verify that deployment endpoints do not leak sensitive files post-deploy.
penetration testers include automated endpoint disclosures in their audit scripts.

Payment methods

Every endpoint supports three payment methods:

API key — sign up, buy credits with a card, get started in a minute.
x402 — pay per call with USDC on Base. No signup needed.
MPP — Stripe Machine Payments Protocol for agents. Cards + stablecoins.

MCP integration

npx @mbeato/apimesh-mcp-server

Adds all APIMesh tools to Claude, Cursor, Windsurf, or any MCP client.

Ready to integrate?

Check API health