Bolt

Immediate visibility: See real API calls as you click around any site—no apps to install, no proxies to setup, no traffic rerouting.
‍Signal over noise: Filters high‑confidence endpoints (not CSS, JS, images) so you can focus on what matters.
‍Spec on demand: Export a well‑formed open API spec
OpenAPI spec from observed traffic in one click.
‍Faster recon: Flip to Parameter Mode to enumerate parameters and where they’re used.
‍Safe scoping: Set a base URL boundary (e.g., api.example.com) to keep discovery in-bounds.
‍Authorized Testing Only — Use Bolt only on systems you own or have explicit permission to test.

Traffic Mode
1. Hit Start and browse normally; Bolt listens to browser traffic and instantly lists calls.
2. Use filters: Raw, Base URL Only, or High‑Confidence Endpoints, or refine with your own custom filters.
3. Click any item to view method, path, parameters, and sample payloads.
4. Switch to Parameter Mode to see a consolidated parameter inventory and usage.
5. Click Export to download an OpenAPI spec for everything captured.
Documentation Mode
1. Provide a Starting URL (any docs page) and a Sandbox/Scope path to restrict crawling.
2. Bolt queues and processes pages, pulling out endpoints and verbs as results populate in real time.

Do I need a proxy or agent?
No. Bolt captures what your browser is already doing—no MITM, no cert install.‍
What kinds of APIs show up?
Any HTTP(S) API traffic your browser makes (REST, JSON, etc.), plus endpoints parsed from documentation pages in Documentation Mode.
Can I scope what gets captured?
Yes. Use the Base URL boundary in Traffic Mode or Sandbox path in Documentation Mode.
Can I export a spec?
Yes. Click Export to download an OpenAPI spec built from what Bolt observed.
Is Bolt really free?
Yes. Bolt is completely free. We only ask for feedback to improve it.
Is there a performance impact?
Bolt is lightweight and shows a memory bar so you can stay within Chrome’s 10 MB extension limit.

Join the Beta Now