What it captures
An agent reads your routing and handler code and produces a structured spec of the endpoints your application exposes, the real entry points where attacker-controlled input arrives. This map feeds the analysis stage so the agent knows where to start tracing data flow.
Why it’s useful
Attack surface at a glance
See every route the scanner found, so you know what’s reachable from outside.
Better findings
Knowing the entry points lets Gecko connect external input to internal sinks
more accurately.
Where to find it
- Repository → Endpoints tab: endpoints from the latest scan.
- Scan detail → Endpoints: endpoints for a specific scan.
- API: fetch the stored endpoint definitions for a scan programmatically.
Some teams run Gecko in an endpoint-discovery-focused mode where the API spec
is the primary output. If that applies to your team, your dashboard emphasizes
the Endpoints view.
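
To make the idea of an endpoint map concrete, here is an added example that is not Gecko's implementation or output format: it statically parses a constructed Flask-style source with Python's `ast` module and lists each route's method, path and handler. The sample source, the record field names and the `discover_endpoints` function are assumptions made for illustration.

```python
import ast
# Constructed sample source (Flask-style routes); parsed only, never executed.
SAMPLE_SOURCE = '''
@app.route("/health")
def health():
    return "ok"

@app.route("/users/<int:user_id>", methods=["GET", "DELETE"])
def user(user_id):
    return str(user_id)

@app.post("/login")
def login():
    return request.form["username"]

def internal_helper(x):  # no route decorator: not an entry point
    return x
'''
SHORTCUTS = {"get", "post", "put", "delete", "patch"}

def discover_endpoints(source):
    """Return one record per (method, path) registered via a route decorator."""
    endpoints = []
    for node in ast.walk(ast.parse(source)):
        if not isinstance(node, (ast.FunctionDef, ast.AsyncFunctionDef)):
            continue
        for dec in node.decorator_list:
            # Match decorators shaped like <obj>.route("/path", ...) or <obj>.post("/path")
            if not (isinstance(dec, ast.Call) and isinstance(dec.func, ast.Attribute)):
                continue
            name = dec.func.attr
            if name != "route" and name not in SHORTCUTS:
                continue
            first = dec.args[0] if dec.args else None
            if not (isinstance(first, ast.Constant) and isinstance(first.value, str)):
                continue  # path built at runtime: out of reach for this simple pass
            methods = [name.upper()] if name in SHORTCUTS else ["GET"]
            for kw in dec.keywords:
                if kw.arg == "methods" and isinstance(kw.value, (ast.List, ast.Tuple)):
                    methods = [e.value.upper() for e in kw.value.elts
                               if isinstance(e, ast.Constant)]
            endpoints += [{"method": m, "path": first.value, "handler": node.name,
                           "handler_args": [a.arg for a in node.args.args],
                           "line": node.lineno} for m in methods]
    return sorted(endpoints, key=lambda e: (e["path"], e["method"]))

if __name__ == "__main__":
    for endpoint in discover_endpoints(SAMPLE_SOURCE):
        print(endpoint)
```

Routes whose path is computed at runtime are skipped by this pass, which is one reason a literal-only scan can under-report the reachable surface.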