Go CLI - authorized endpoint profiling

EndpointRadar

Focused endpoint profiling for authorized web recon.

A Go-based CLI tool that discovers in-scope URLs, measures endpoint latency, and generates clean reports with controlled rate, concurrency, and resource usage.

View GitHubRead DocsSee Demo

Command first

A CLI workflow that stays explicit.

EndpointRadar starts with a target, then runs with visible scope, throughput, and concurrency controls.

terminal
REPORT_READY
$ endpointradar \
  --target https://example.com \
  --depth 2 \
  --rate 5 \
  --concurrency 10

[OK] Scope locked to example.com

[OK] URL discovery started

[OK] Worker pool initialized

[OK] Metrics stream active

[OK] Report generated

Interactive scan flow

From target lock to report generation.

The browser demo is a frontend simulation only. It shows the profiling pipeline without scanning any external target.

Authorized target

https://example.com

Target
Scope Guard
Discovery
Workers
Metrics
Report
/page

200 - 92ms

/loginpage

200 - 184ms

/api/searchapi

200 - 923ms

/checkoutpage

200 - 811ms

/products/filterapi

200 - 706ms

/assets/app.jsskipped

static asset

https://cdn.example.net/lib.jsskipped

external URL

Metrics collector
/92ms
/login184ms
/api/search923ms
/checkout811ms

Status

IDLE

Core features

Built for focused measurement.

The MVP surfaces the controls and outputs that make the tool predictable during authorized profiling.

Controlled Throughput

Rate limit and concurrency are fully configurable.

Exact Scope Matching

Stay inside the authorized hostname.

Safe Discovery

Skip external links, static assets, fragments, and dangerous paths.

Latency Metrics

Measure status, duration, size, content type, and endpoint source.

Worker Pool Engine

Predictable execution with reusable HTTP client behavior.

Clean Reports

JSONL raw logs and CSV summary output.

Safety model

Built to measure, not to overwhelm.

Single-target by design. Controlled by default. EndpointRadar keeps profiling scoped, visible, and repeatable.

Scope Guard

Allowed host: example.com

/api/searchallowed
/checkoutallowed
https://cdn.example.net/lib.jsskipped
/assets/app.jsskipped

124

discovered

87

scanned

31

static skipped

6

external skipped

Responsible controls
Exact hostname matchingExternal link rejectionStatic asset skippingDangerous path filteringRate limiterConcurrency controlAuthorized target only

EndpointRadar is designed for authorized, single-target profiling. It uses explicit rate and concurrency controls to support predictable, responsible testing.

Report preview

Clean output for follow-up analysis.

The final report separates raw JSONL events from a quick slowest-endpoint summary.

JSONL stream

{"url":"/api/search","status":200,"duration_ms":923,"size":18420}

{"url":"/checkout","status":200,"duration_ms":811,"size":29310}

{"url":"/products/filter","status":200,"duration_ms":706,"size":14900}

Top 3 slowest endpoints
latency

1. /api/search

HTTP 200

923ms

2. /checkout

HTTP 200

811ms

3. /products/filter

HTTP 200

706ms

Explore EndpointRadar

EndpointRadar helps turn authorized endpoint profiling into a clear, controlled, reportable workflow.

View GitHubRead Documentation