Get finding information by ID

GET

findings

{id}

curl --request GET \
  --url https://app.pentest-tools.com/api/v2/findings/{id} \
  --header 'Authorization: Bearer <token>'

{
  "data": {
    "id": 420233,
    "name": "Vulnerabilities found for Apache Httpd 2.4.10",
    "test_description": "Checking for SQL Injection...",
    "test_finished": true,
    "confirmed": true,
    "epss_score": 123,
    "epss_percentile": 123,
    "in_cisa_catalog": true,
    "cve": [
      "CVE-2017-3167",
      "CVE-2019-0217"
    ],
    "cvss": 123,
    "cvssv3": 123,
    "vuln_description": "Vulnerabilities found for Apache Httpd 2.4.25 (port 80/tcp)",
    "vuln_evidence": {
      "type": "text",
      "data": {
        "headers": [
          "<string>"
        ],
        "rows": [
          [
            "<string>"
          ]
        ]
      }
    },
    "risk_description": "<string>",
    "risk_level": 0,
    "status": "open",
    "recommendation": "<string>",
    "references": [
      "<string>"
    ],
    "verified": true,
    "vuln_id": "NETSCAN-SNIPER-CVE-2021-42013-RCE",
    "owasp": {
      "owasp_2017": "<string>",
      "owasp_2021": "<string>",
      "owasp_2025": "<string>"
    },
    "cwe": "<string>",
    "port": 32767,
    "protocol": "TCP",
    "service": "AMQP",
    "target_id": 12345,
    "task_id": 54321,
    "screenshots": 1
  }
}

Authorizations

Authorization

string

header

required

Use the "API key" from the profile page as the token

Path Parameters

integer

required

id of finding to get

Response

data

object

required

Show child attributes

Get finding tests by IDGet all tests associated with a finding.

⌘I

Get finding information by ID

curl --request GET \
  --url https://app.pentest-tools.com/api/v2/findings/{id} \
  --header 'Authorization: Bearer <token>'

{
  "data": {
    "id": 420233,
    "name": "Vulnerabilities found for Apache Httpd 2.4.10",
    "test_description": "Checking for SQL Injection...",
    "test_finished": true,
    "confirmed": true,
    "epss_score": 123,
    "epss_percentile": 123,
    "in_cisa_catalog": true,
    "cve": [
      "CVE-2017-3167",
      "CVE-2019-0217"
    ],
    "cvss": 123,
    "cvssv3": 123,
    "vuln_description": "Vulnerabilities found for Apache Httpd 2.4.25 (port 80/tcp)",
    "vuln_evidence": {
      "type": "text",
      "data": {
        "headers": [
          "<string>"
        ],
        "rows": [
          [
            "<string>"
          ]
        ]
      }
    },
    "risk_description": "<string>",
    "risk_level": 0,
    "status": "open",
    "recommendation": "<string>",
    "references": [
      "<string>"
    ],
    "verified": true,
    "vuln_id": "NETSCAN-SNIPER-CVE-2021-42013-RCE",
    "owasp": {
      "owasp_2017": "<string>",
      "owasp_2021": "<string>",
      "owasp_2025": "<string>"
    },
    "cwe": "<string>",
    "port": 32767,
    "protocol": "TCP",
    "service": "AMQP",
    "target_id": 12345,
    "task_id": 54321,
    "screenshots": 1
  }
}

Using the API

API reference

Authorizations

Path Parameters

Response