Automatic Generation of OpenAPI contracts with API Capture

Automate the manual task of creating OpenAPI contracts with API Capture. API Capture uses multiple sources such as Postman collections and API traffic to create OpenAPI definition files. API Capture is also available on the 42Crunch API Security Platform.

Introduction to API Capture

An introduction to API Capture and an overview of the main elements including the Dashboard, QuickGen, Buckets, Secrets and the OpenAPI Generator.

How to use QuickGen Capture

Build OpenAPI files quickly using Postman collections and / or HAR files as your sources for your API data.

Capture API Traffic in Buckets

How to use Buckets to organize sample traffic into containers from which you can generate your OpenAPI definition file.

How to use the OpenAPI Generator

How to use the advanced automation feature to generate OpenAPI definition files from multiple sources.

Latest Resources


Review of Major API Security Breaches from H1 2024

In this latest webinar, Anthony Lonergan, reviews some of the most recent high-profile API breaches that occurred in 2024.
Anthony will give a detailed overview of each attack and explain how the different vulnerabilities could be exploited to compromise the companies involved. He then practically demonstrates how companies can remediate against these vulnerabilities order to better protect their APIs.


The Scourge of SQL Injection for APIs

By Anthony Lonergan | June 25, 2024

In a report published in May 2024, cybersecurity firm Eclypsium outlined key vulnerabilities discovered in the F5 Big IP Next device. It’s another sobering reminder of the challenges faced in securing APIs when a highly regarded security company like F5 launches a new flagship product with all-too-familiar vulnerabilities […]


APIs are the core building block of every enterprise’s digital strategy, yet they are also the number one attack surface for hackers. 42Crunch makes developers’ and security practitioners' lives easier by protecting APIs, with a platform that automates security into the API development pipeline and gives full oversight of security policy enforcement at every stage of the API lifecycle.

Ready to Learn More?

Developer-first solution for delivering API security as code.