Scans
Operations done on Scans
Base URL
https://app.pentest-tools.com/api/v2
- Method
- get
- Path
- /scans
Query parameters
- Property
- workspace_id
- Type
- integer
ID of the workspace to show scans from. If not set, the scans from the active workspace (set in the web interface) will be returneed.
- Property
- target_id
- Type
- integer
ID of the target to show scans from
- Property
- limit
- Type
- integer
the maximum number of scans to return
- Property
- page
- Type
- integer
the page number to return
Responses
Request
curl --request GET \
--url https://app.pentest-tools.com/api/v2/scans \
--header 'accept: application/json' \
--header 'authorization: Bearer {token}'- Method
- post
- Path
- /scans
Request parameters
- Content type
- application/json
- Property
- tool_id
- Type
- integer
- required
- Yes
- Property
- target_id
- Type
- integer | null
only one of target_id and target_name should be used
- Property
- target_name
- Type
- string | null
only one of target_id and target_name should be used
- Property
- workspace_id
- Type
- integer | null
Workspace where the scan is started. It has to match the workspace ID of the target
- Property
- max_scan_time
- Type
- integer
- min
- 5
- max
- 1440
Maximum number of minutes that the scan should run. Not supported by: Sniper, tools with short scan duration (like Website Recon or ICMP Ping).
- Property
- report_callback
- Type
- object
Send the report in a specific format to this URL when the scan finishes
- Property
- scan_original_url
- Type
- boolean
- default
- false
If true, the original URL is passed to the scanner, even if it redirects. If false, the redirected URL will be scanned instead.
- Property
- redirect_level
- Type
- string
- default
- "same_domain"
Possible values:
none- the target is passed directly to the scannercheck_accessibility- the target is checked for accessibility and an error is thrown on any redirectsame_host- only redirects within the same host are allowedsame_domain- redirects to subdomains are allowedallow_all- any redirects are allowed
When starting a scan on a workspace with a VPN profile attached, the default value is set to none and no other values are allowed
- Property
- tool_params
- Type
- object
Responses
Request
curl --request POST \
--url https://app.pentest-tools.com/api/v2/scans \
--header 'accept: application/json' \
--header 'authorization: Bearer {token}'- Method
- get
- Path
- /scans/{id}
Path parameters
- Property
- id
- Type
- integer
- required
- Yes
id of scan
Responses
Request
curl --request GET \
--url https://app.pentest-tools.com/api/v2/scans/{id} \
--header 'accept: application/json' \
--header 'authorization: Bearer {token}'- Method
- delete
- Path
- /scans/{id}
Path parameters
- Property
- id
- Type
- integer
- required
- Yes
id of scan
Responses
Request
curl --request DELETE \
--url https://app.pentest-tools.com/api/v2/scans/{id} \
--header 'accept: application/json' \
--header 'authorization: Bearer {token}'- Method
- get
- Path
- /scans/{id}/output
Path parameters
- Property
- id
- Type
- integer
- required
- Yes
id of scan
Responses
Request
curl --request GET \
--url https://app.pentest-tools.com/api/v2/scans/{id}/output \
--header 'accept: application/json' \
--header 'authorization: Bearer {token}'- Method
- get
- Path
- /scans/{id}/raw
Path parameters
- Property
- id
- Type
- integer
- required
- Yes
id of scan
Responses
Request
curl --request GET \
--url https://app.pentest-tools.com/api/v2/scans/{id}/raw \
--header 'accept: application/json' \
--header 'authorization: Bearer {token}'- Method
- post
- Path
- /scans/{id}/stop
Path parameters
- Property
- id
- Type
- integer
- required
- Yes
id of the scan
Responses
Request
curl --request POST \
--url https://app.pentest-tools.com/api/v2/scans/{id}/stop \
--header 'accept: application/json' \
--header 'authorization: Bearer {token}'