
Introduction

The Pentest-Tools.com REST API lets you manage targets, run scans, retrieve findings, and generate reports programmatically. Use it to integrate security scanning into your existing tools and workflows.

What you can do

Targets

View all targets from a workspace, get details for one, or create new targets.

Scans

Start scans, stop them, get status updates, or retrieve full scan results.

Workspaces

Get details for all workspaces, view a specific one, or create new ones.

Findings

Access vulnerability findings and their details.

Reports

Generate and download reports in PDF, DOCX, HTML, JSON, CSV, or XLSX format.

And More

HTTP loggers, VPN profiles, wordlists, and finding templates.

API base URL

https://app.pentest-tools.com/api/v2

Quick start

1. Get your API key

Generate an API key from My account > API in the web application.
API access requires a plan that includes it. Check your plan details if you receive a 403 error.

2. Make your first request

curl -X GET "https://app.pentest-tools.com/api/v2/targets" \
  -H "Authorization: Bearer YOUR_API_KEY"

3. Start a scan

curl -X POST "https://app.pentest-tools.com/api/v2/scans" \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"tool_id": 170, "target_name": "https://example.com"}'

Available endpoints

| Resource | Endpoint | Operations |
| --- | --- | --- |
| Targets | /targets | List, create, get, delete |
| Scans | /scans | List, start, get, stop, delete |
| Scan Output | /scans/{id}/output | Get JSON results |
| Scan Raw Output | /scans/{id}/raw | Get raw output |
| Findings | /findings | List, get details, screenshots |
| Workspaces | /workspaces | List, create, get, update, delete |
| Reports | /reports | List, create, get, download, delete |
| HTTP Loggers | /http_loggers | List, create, get, delete, get/clear data |
| VPN Profiles | /vpn_profiles | List |
| Wordlists | /wordlists | List, get, delete, get contents |
| Finding Templates | /public/finding_templates | List (public) |

Response format

Most successful responses return JSON with data wrapped in a data field:
{
  "data": {
    "id": 12345,
    "name": "example.com",
    "status": "finished"
  }
}
For list endpoints, the response includes an array:
{
  "data": [
    { "id": 1, "name": "target1.com" },
    { "id": 2, "name": "target2.com" }
  ]
}
Three endpoints skip the data wrapper and return raw content: GET /reports/{id}/download streams the report file, GET /scans/{id}/output with Accept: application/pdf returns a PDF, and GET /scans/{id}/raw with Accept: text/plain returns plain text.
Error responses use a different format. See Limits and Errors for details.

Rate limits

API requests are rate limited per user:
| Request Type | Limit |
| --- | --- |
| GET requests | 250/minute |
| POST/DELETE requests | 125/minute |
| /scans/{id}/output | 60/minute |
See Limits and Errors for full details.
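
The response format and rate limits above, combined into client-side helpers. This is an added example, not code from Pentest-Tools.com: the names `bucket`, `Throttle` and `decode` are hypothetical, and it assumes a sliding 60-second window, a separate budget for /scans/{id}/output, and the POST/DELETE limit for any verb the table does not list.

```python
import json
import re
import time
from collections import deque

# Requests per minute, per user, copied from the "Rate limits" table.
LIMITS = {"scan_output": 60, "write": 125, "read": 250}
SCAN_OUTPUT = re.compile(r"^/scans/[^/]+/output$")


def bucket(method, path):
    """Pick the rate-limit row for a request (path is relative to /api/v2)."""
    if SCAN_OUTPUT.match(path):
        return "scan_output"
    # Assumption: verbs the table does not list (e.g. an update) get the
    # stricter POST/DELETE budget.
    return "read" if method.upper() == "GET" else "write"


class Throttle:
    """Client-side sliding 60-second window per bucket (hypothetical helper)."""

    def __init__(self, clock=time.monotonic):
        self.clock = clock
        self.sent = {name: deque() for name in LIMITS}

    def wait_time(self, method, path):
        """Return 0.0 and record the request, or the seconds to sleep first."""
        name = bucket(method, path)
        now, window = self.clock(), self.sent[name]
        while window and now - window[0] >= 60:
            window.popleft()
        if len(window) >= LIMITS[name]:
            return 60 - (now - window[0])
        window.append(now)
        return 0.0


def decode(content_type, body):
    """Unwrap {"data": ...} from a successful reply; pass raw content through."""
    if content_type.split(";")[0].strip().lower() != "application/json":
        return body  # report download, PDF scan output, or text/plain raw output
    doc = json.loads(body)
    if not isinstance(doc, dict) or "data" not in doc:
        raise ValueError("JSON reply has no data wrapper")
    return doc["data"]
```

Call `wait_time` before each request and sleep for the returned value when it is non-zero; check the HTTP status before passing a body to `decode`, since error responses use a different format.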

OpenAPI schema

This API reference is based on our public OpenAPI schema, available at:
https://app.pentest-tools.com/api-schema.yml
You can use this schema with tools like Postman, Insomnia, or code generators.
The schema omits the data wrapper. Every actual JSON response includes it, so {"data": {...}} or {"data": [...]} is what you’ll get, regardless of what the schema declares.

Support

If you have questions about the API, contact us at support@pentest-tools.com.

Next steps