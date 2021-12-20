Website Scan
This API page refers to the new website scanner engine developed in-house by our team. For more information about tests, please check out our dedicated support article.
Parameters
|Name
|Type
|Description
|Value
tool_id
|Integer
|The id of this tool
170
target
|String
|The URL that will be scanned
scan_type
|String
|The type of scan that you want to be performed
|-
ptt_engine (current engine)
-
light
options[attack][active]
|Array[String]
|A list of active test names to run against.
By default this has every test enabled.
|-
all - Enables all the tests in the category
-
xss - XSS tests
-
sqli - SQL Injection
-
lfi - Local File Inclusion
-
oscmdi - OS Command Injection
options[attack][passive]
|Array[String]
|A list of passive test names to run against.
By default this has every test enabled.
|-
all - Enables all the tests in the category
-
security_headers - Security Headers
-
cookie_security - Cookie Security
-
directory_listing - Directory Listing
-
secure_communication - Secure Communication
-
weak_password_submission - Weak Password Submission Method
-
error_debug_messages - Commented code/Error codes
-
password_cleartext - Clear Text Submission of Credentials
-
cross_domain_source - Verify Domain Sources
-
mixed_content - Mixed Encryptions Content
-
sensitive_data - Sensitive Data Crawl
-
login_interfaces - Find Login Interfaces
options[discovery]
|Array[String]
|A list of discovery test names to run against.
By default this has every test enabled.
|-
all - Enables all the tests in the category
-
fingerprint - Fingerprint Website
-
software_vulnerabilities - Server Software Vulnerabilities
-
check_robots - Check for Robots.txt
-
outdated_js - JavaScript libraries
-
untrusted_certificates - SSL/TLS Certificates
-
client_access_policies - Client access policies
-
http_debug_methods - HTTP Debug Methods Enabled
-
resource_discovery - Resource Discovery
options[spider][exclude_urls]
|Array[String]
|A list of urls test names to run against.
By default this is an empty list representing no paths should be excluded.
options[spider][approach]
|String
|The crawling style to apply for the spidering process.
|-
classic - (default)
-
spa - (currently unavailable, in beta tests)
options[spider][limits][depth]
|Integer
|The maximum depth measured by number of
/ that the scanner crawls and scans.
|This is
10 by default.
options[requests_per_second]
|Integer
|The maximum number of requests the scanner can make in a second.
|This is
10000 by default. Accepted values are from 1 to 10000.
Start scan examples
This first example shows a very basic implementation. The request starts the scan with every test turned on, and the default values for the other settings.
{
"op": "start_scan",
"tool_id": 170,
"target": "http://demo.pentest-tools.com/webapp/",
"tool_params": {
"scan_type": "ptt_engine"
}
}
In the second example the structure for an advanced implementation is shown. Pay attention to how the string arrays are expected in the json.
{
"op": "start_scan",
"tool_id": 170,
"target": "http://demo.pentest-tools.com/webapp/",
"tool_params": {
"scan_type": "ptt_engine",
"options": {
"spider": {
"approach": "classic",
"limits": {
"depth": 10
},
"exclude_urls": "http://demo.pentest-tools.com/webapp/logout"
},
"attack": {
"active": ["sqli", "xss"],
"passive": []
},
"discovery": ["all"],
"requests_per_second": 6000
}
}
}