How shadowaudit found 269 shadow routes in Ghost CMS
· 3 min read
We ran shadowaudit against Ghost CMS — a popular open-source Node.js blogging platform — to see how it performs on a production-grade Express codebase.
Why Ghost CMS?
Ghost is a real production app, not a toy boilerplate. It powers publications like 404Media, Platformer, and The Browser. It has:
- A large Express.js API surface (admin API, content API, members API, webhooks)
- Custom auth middleware (
mw.authAdminApi) - Complex route mounting patterns
- A security disclosure policy
If shadowaudit can handle Ghost, it can handle most Express codebases.
