ScanSuite
  • Introduction
  • Architecture
  • Installation
    • Technical Requirements
    • Install ScanSuite server
    • Set up DefectDojo
    • Troubleshooting
    • SSL/TLS Setup
  • Administration
    • Setup parameters and services
    • Configuring API keys for external systems
    • User administration
    • Security logs
  • Usage
    • Products
    • Static Code Analysis
      • Git repository authentication
      • Scheduling Periodic and Incremental Scans
      • (Optional) Compiling the code
      • Executing the AI Powered Scan
    • Managing scan execution
    • Working with scan results
      • Checking for exploitable vulnerabilities
      • Export to Securitm
    • Credentials
    • Web App Scanning
      • Authenticated scans
      • Web API scans
    • Infrastructure Checks
    • Schedule the scan
    • Custom Rules
    • Assets
  • Versions History
    • v 1.0
    • v 1.1
    • v 1.2
Powered by GitBook
On this page
  1. Usage
  2. Web App Scanning

Web API scans

PreviousAuthenticated scansNextInfrastructure Checks

Last updated 7 days ago

To run an API scan specify the URL path to OpenAPI specification and choose API scanner. It will parse the specification and execute the scan against discovered routes and parameters.

Both Cookies and Authorization header supported by this scan.