Pentest-Tools.com LogoPentest-Tools.com API Reference

Findings

Operations done on Findings

Base URL

https://app.pentest-tools.com/api/v2

Authorization

Use the "API key" from the profile page as the token

Endpoints

Method
get
Path
/findings

Get all findings

Query parameters

Property
workspace_id
Type
integer

ID of the workspace to show findings from.

Property
target_id
Type
integer

ID of the target to show findings from

Property
task_id
Type
integer

ID of the scan to show findings from

Responses

500Internal server error

Request

GET
/findings
curl --request GET \
  --url https://app.pentest-tools.com/api/v2/findings \
  --header 'accept: application/json' \
  --header 'authorization: Bearer {token}'

Response

[
  {
    "id": 420233,
    "name": "Vulnerabilities found for Apache Httpd 2.4.10",
    "test_description": "Checking for SQL Injection...",
    "test_finished": true,
    "confirmed": true,
    "cve": [
      "CVE-2017-3167",
      "CVE-2019-0217"
    ],
    "vuln_description": "Vulnerabilities found for Apache Httpd 2.4.25 (port 80/tcp)",
    "vuln_evidence": {
      "type": "text",
      "data": {}
    },
    "risk_description": "",
    "risk_level": 1,
    "status": "open",
    "recommendation": "",
    "verified": true,
    "vuln_id": "NETSCAN-SNIPER-CVE-2021-42013-RCE",
    "owasp": {
      "owasp_2017": "",
      "owasp_2021": ""
    },
    "cwe": "",
    "port": 1,
    "protocol": "TCP",
    "service": "AMQP"
  }
]

OK

Method
get
Path
/findings/{id}

Get finding information by ID

Path parameters

Property
id
Type
integer
required
Yes

id of finding to get

Responses

500Internal server error

Request

GET
/findings/{id}
curl --request GET \
  --url https://app.pentest-tools.com/api/v2/findings/{id} \
  --header 'accept: application/json' \
  --header 'authorization: Bearer {token}'

Response

{
  "id": 420233,
  "name": "Vulnerabilities found for Apache Httpd 2.4.10",
  "test_description": "Checking for SQL Injection...",
  "test_finished": true,
  "confirmed": true,
  "cve": [
    "CVE-2017-3167",
    "CVE-2019-0217"
  ],
  "vuln_description": "Vulnerabilities found for Apache Httpd 2.4.25 (port 80/tcp)",
  "vuln_evidence": {
    "type": "text",
    "data": {}
  },
  "risk_description": "",
  "risk_level": 1,
  "status": "open",
  "recommendation": "",
  "verified": true,
  "vuln_id": "NETSCAN-SNIPER-CVE-2021-42013-RCE",
  "owasp": {
    "owasp_2017": "",
    "owasp_2021": ""
  },
  "cwe": "",
  "port": 1,
  "protocol": "TCP",
  "service": "AMQP"
}

OK