# Enumeracion en Endpoints

### Fuzz de Endpoints

```
https://domain.site/api/v1/FUZZ1.FUZZ2

actionObject
ActionObject
action_Object
action-object
action.object
...
```

{% embed url="<https://github.com/chrislockard/api_wordlist>" %}

### JS Minning

Extension de burpsuite.

<figure><img src="https://1116580734-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F80DU0lRP27yfgYzc3pOF%2Fuploads%2FEjV7duuFZgb1x8owjywl%2Fimage.png?alt=media&#x26;token=cf9ebdb3-4766-4399-9aa3-a4f1bdec2b07" alt=""><figcaption></figcaption></figure>

{% embed url="<https://github.com/portswigger/js-miner>" %}

### Fuzz de parametros

```
arjun -u URL
```

{% embed url="<https://github.com/s0md3v/Arjun>" %}

### Kite Runner

```
kr scan hosts.txt -w routes.kite -x 20 -j 100
```

{% embed url="<https://github.com/assetnote/kiterunner>" %}