This sector deep-dive is currently available in Portuguese only. Full English translation is in progress.

/cenarios · API Exposure

Quantas APIs Suas Estão Expostas Hoje?

API exposure assessment — descoberta de shadow API, API zombie, endpoint não documentado, secret em URL pública, BFF/internal API expostos.

Mapear minhas APIs expostas See vectors

90% manual · 10% automated

OSCP · CISSP · CRTO · GPEN

BR · PT · IT · ES · MA · US · AU

OWASP · MITRE · PTES · NIST

Why now

The real pain

Empresa tem inventário oficial de 30 APIs. Pentest descobre 240. Endpoint /v1 legado de 2019 ainda no ar com auth quebrada, BFF mobile exposto sem WAF, endpoint interno de admin disponível por URL adivinhável. Inventário ruim = ataque garantido.

References and threat actors

OWASP API Security Top 10 2023 (API9)NIST SP 800-204 seriesGartner API Security guidance

/attack-surface

API Exposure

Every engagement is designed for your environment. The points below are part of our standard playbook for this sector — final scope is adapted to your stack and contract.

Discovery via ASM

Certificate transparency, DNS history, JavaScript analysis, mobile app reverse, Postman public collections.

Shadow API e zombie API

Versão antiga (/v1, /v2) ainda viva, endpoint deploy esquecido, ambiente test/dev exposto.

Internal API expostos

BFF, admin API, ops API que deveriam ser internas e estão em produção.

Secrets em URL/JS público

API key em JS minified, token em URL com GET, secret em HTML public-source.

API inventory vs realidade

Comparação inventário oficial (catalog/API gateway) vs descoberto via ASM.

Monitoring contínuo

Detecção em real-time de novo endpoint deployed sem catálogo.

/methodology

Genuinely manual pentest

Automated scanners find what's documented. Real attackers find what isn't. 90% of the work is manual — performed by specialists holding OSCP, CISSP, CRTO and GPEN.

01 · Reconnaissance

Target mapping, OSINT, footprint, sector-specific threat modeling.

02 · Discovery

Deep enumeration, complementary scanning, manual exposure identification.

03 · Exploitation

Manual validation with controlled PoC, finding chaining, escalation.

04 · Report

Executive + technical, step-by-step replication, mapped to applicable regulation.

/why-trust

Who has trusted our work

Mapeamento em SaaS B2B com 40+ microsserviços e fintech com legado de 8 anos de APIs.

Caixa Econômica Federal

Banco BMG

iFood

ArcelorMittal

Multibanco

Polícia Federal

Fórmula 1

OpenFinance

Technical assessment recognized in highly regulated, mission-critical environments — the pentest that finds what nobody had found before.

Douglas Lopes

Founder · CEO · intrus.io

/faq

FAQ — API Exposure

Cobertura é externa só ou interna também?

Ambas. Externa via ASM/OSINT. Interna com acesso ao network catalog + traffic mirror se autorizado.

Faixa de preço?

Pontual (snapshot): R$ 15-40k. Monitoring contínuo: R$ 5-15k/mês com alerta em até 4h de novo endpoint.

/contact

Mapear minhas APIs expostas

Schedule a confidential meeting. Within 48h we'll send a proposal with scope, timeline and pricing.

Talk to us See other sectors

Other sectors we cover

/ransomware-readiness

Ransomware Readiness

/vazamento-de-dados

Vazamento de Dados

/ameaca-interna-insider

Ameaça Interna · Insider

/email-comprometido-bec

BEC · Email Comprometido

/backup-integrity

Backup Integrity

/cloud-misconfig