
Reference

Scan Parameters

Example

Here is an example of a ScanParams object:

```yaml
scan:
  blacklist:
    routes:
      - path: "/a/path/to/blacklist"
        method: GET
      - path: "/another/path/to/blacklist"
        method: POST
  hotstart:
    - |-
      POST /register HTTP/1.1
      Host: example.com
      Content-Type: application/json
      Content-Length: 194

      {"my": "data"}
    - |+
      GET /users HTTP/1.1
      Host: example.com
      Content-Type: application/json
      Content-Length: 194

  profile: surface | marketing | cicd | default | deep | unrestricted
  read_only: true | false
  scalars:
    SSET:
      description: The Super Secret Example Token is internal to our company and should
        never be exposed by any APIs.
      examples:
        - SSET-ABC12
      names:
        - SSET
        - super_secret_example_token
        - SuperSecretExampleToken
      parents:
        - String
      patterns:
        - SSET-[A-Z0-9]{5}
      sensitivity: HIGH
      detection: key_or_value_strict
      entropy: 2
```

BlackListParams

| Property | Type | Required | Description | Reference |
| --- | --- | --- | --- | --- |
| routes | BlacklistRouteRule | False | | BlacklistRouteRule |
| query | string | False | | |
| mutation | string | False | | |
| subscription | string | False | | |
| objects | string | False | | |

BlacklistRouteRule

| Property | Type | Required | Description | Reference |
| --- | --- | --- | --- | --- |
| method | string | False | The method is an HTTP method (GET, POST, PUT, DELETE, etc.). | |
| path | string | False | The path is a valid OpenAPI path. | |

ScanParams

| Property | Type | Required | Description | Reference |
| --- | --- | --- | --- | --- |
| profile | ScanProfile | False | The scan profile. | ScanProfile |
| read_only | boolean | False | The chosen mode for the tested API. The default mode is read-write and suited to development environments. The read_only mode is safe for production environments, but will reduce the number of tests performed and the scan coverage. | |
| hotstart | string | False | Raw queries to hotstart the API exploration. | |
| blacklist | BlackListParams | False | The operations that will be skipped by security tests. See more in the dedicated documentation section. | BlackListParams |
| scalars | Dict[string, CustomScalarParams] | False | The user's defined scalars. | CustomScalarParams |
| api_type | ApiType | False | | ApiType |
| null_is_unauthenticated | boolean | False | In order to improve error inference, on some scans we want to be able to consider that a null answer implies that the request should have been authenticated. | |
| hotstart_only | boolean | False | If true, the scan will only perform the hotstart phase and stop after it. | |
| force_full_scan | boolean | False | Performs a full scan without monitoring your API's health or applying the timeout. It may degrade the quality of your results but will ensure that all your operations are checked. | |
| frontend_scopes_regexes | string | False | The list of extra regexes to match the frontend scopes. | |
| frontend_base_urls | Dict[string, integer] | False | A map of additional base URLs to scan with their respective depth. | |

ScanProfile

  • surface
  • marketing
  • cicd
  • default
  • deep
  • unrestricted
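
The following is an added example, not code from the original page or from the scanner it documents. It shows how the two ScanParams pieces above that carry matching logic can be applied to data: a blacklist route check against the `routes` rules, and a custom-scalar detector that uses the `names`, `patterns` and `entropy` fields of the SSET scalar to flag leaked tokens in a response. The configuration dictionary mirrors the YAML example; the reading of `key_or_value_strict` (key name matches one of `names`, or value fully matches one of `patterns` and reaches the entropy floor), the treatment of a missing rule property as a wildcard, and the sample response are all assumptions made for illustration.

```python
import math
import re
from collections import Counter
from typing import Any, Iterator

# Constructed configuration that mirrors the ScanParams example above.
# Assumption: the nesting of keys is taken from that YAML; this is not the
# scanner's own loader, and the matching semantics below are illustrative.
SCAN_PARAMS: dict[str, Any] = {
    "blacklist": {
        "routes": [
            {"path": "/a/path/to/blacklist", "method": "GET"},
            {"path": "/another/path/to/blacklist", "method": "POST"},
        ]
    },
    "scalars": {
        "SSET": {
            "names": ["SSET", "super_secret_example_token", "SuperSecretExampleToken"],
            "patterns": [r"SSET-[A-Z0-9]{5}"],
            "sensitivity": "HIGH",
            "detection": "key_or_value_strict",
            "entropy": 2,
        }
    },
}

# Constructed API response used to exercise the detector (not real data).
SAMPLE_RESPONSE: dict[str, Any] = {
    "data": {
        "me": {"id": 42, "super_secret_example_token": "SSET-QZ7K1"},
        "session": {
            "token": "SSET-ABC12",   # matches the pattern, high entropy
            "note": "SSET-AAAAA",    # matches the pattern, low entropy
            "other": "not-a-token",
        },
    }
}


def shannon_entropy(value: str) -> float:
    """Bits of Shannon entropy per character; 0.0 for an empty string."""
    if not value:
        return 0.0
    n = len(value)
    return -sum(c / n * math.log2(c / n) for c in Counter(value).values())


def is_blacklisted(routes: list[dict[str, str]], method: str, path: str) -> bool:
    """True when (method, path) matches a BlacklistRouteRule.

    Both properties are optional in the table above, so a rule that omits
    one of them is treated here as matching any value for it (assumption).
    """
    for rule in routes:
        path_ok = rule.get("path") is None or rule["path"] == path
        method_ok = rule.get("method") is None or rule["method"].upper() == method.upper()
        if path_ok and method_ok:
            return True
    return False


def _leaves(node: Any, key: str) -> Iterator[tuple[str, Any]]:
    """Yield (nearest key, scalar value) for every leaf of a JSON-like tree."""
    if isinstance(node, dict):
        for k, v in node.items():
            yield from _leaves(v, k)
    elif isinstance(node, list):
        for v in node:
            yield from _leaves(v, key)
    else:
        yield key, node


def find_scalar_leaks(scalars: dict[str, Any], response: Any) -> list[tuple[str, str, str, str]]:
    """Report (scalar, key, value, reason) for every custom scalar found.

    Assumed reading of key_or_value_strict: a leaf is a hit when its key is
    one of the scalar's `names` (reason "key"), or when its value fully
    matches one of `patterns` and its entropy reaches the `entropy` floor
    (reason "pattern"). The entropy floor drops pattern-shaped but
    placeholder-like values such as "SSET-AAAAA".
    """
    hits = []
    for key, value in _leaves(response, ""):
        if not isinstance(value, str):
            continue
        for name, spec in scalars.items():
            if key in spec.get("names", []):
                hits.append((name, key, value, "key"))
            elif any(re.fullmatch(p, value) for p in spec.get("patterns", [])):
                if shannon_entropy(value) >= spec.get("entropy", 0):
                    hits.append((name, key, value, "pattern"))
    return hits


if __name__ == "__main__":
    routes = SCAN_PARAMS["blacklist"]["routes"]
    print("skip GET /a/path/to/blacklist:", is_blacklisted(routes, "GET", "/a/path/to/blacklist"))
    for hit in find_scalar_leaks(SCAN_PARAMS["scalars"], SAMPLE_RESPONSE):
        print("leak:", hit)
```

Running the module reports the key-name hit on `super_secret_example_token` and the pattern hit on `token`, while `SSET-AAAAA` is suppressed because its entropy (about 1.96 bits per character) is below the configured floor of 2; that is the effect the `entropy` field is there to produce.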

Client Parameters

Example

Here is an example of a ClientParams object:

```yaml
client:
  proxy:
    type: escape | http | repeater
  request_timeout: 5
  requests_per_minute: 50 * 60
```

ClientParams

| Property | Type | Required | Description | Reference |
| --- | --- | --- | --- | --- |
| request_timeout | integer | False | The maximum timeout duration for each request (in seconds). See more in the dedicated documentation section. | |
| requests_per_minute | integer | False | The maximum number of requests per minute, which is enforced on a per-second window. | |
| proxy | RepeaterProxyType \| HTTPProxyType \| EscapeProxyType | False | The proxy to use for the requests. See more in the Scan Internal APIs documentation section. | |
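
The following is an added example, not the client's own code, showing one way a `requests_per_minute` budget can be enforced on a per-second window as the table describes. It assumes the minute budget is spread evenly, so at most `ceil(requests_per_minute / 60)` requests may start inside any trailing one-second window; the class name, the `try_acquire`/`wait_time` methods and the arrival timestamps are all constructed for illustration.

```python
import math
from collections import deque


class PerSecondWindowLimiter:
    """Enforce a requests_per_minute budget on trailing one-second windows.

    Assumption (illustrative, not the client's own implementation): the
    minute budget is spread evenly, so at most ceil(requests_per_minute / 60)
    requests may start inside any rolling one-second window.
    """

    def __init__(self, requests_per_minute: int) -> None:
        if requests_per_minute <= 0:
            raise ValueError("requests_per_minute must be positive")
        self.per_second = math.ceil(requests_per_minute / 60)
        self._started: deque[float] = deque()

    def _evict(self, now: float) -> None:
        # Drop start times that have fallen out of the trailing one-second window.
        while self._started and now - self._started[0] >= 1.0:
            self._started.popleft()

    def try_acquire(self, now: float) -> bool:
        """Record a request start at `now` (seconds) if the window has room."""
        self._evict(now)
        if len(self._started) < self.per_second:
            self._started.append(now)
            return True
        return False

    def wait_time(self, now: float) -> float:
        """Seconds until the next request may start; 0.0 if it can start now."""
        self._evict(now)
        if len(self._started) < self.per_second:
            return 0.0
        return 1.0 - (now - self._started[0])


def simulate(requests_per_minute: int, arrivals: list[float]) -> list[bool]:
    """Apply the limiter to constructed arrival timestamps and return the decisions."""
    limiter = PerSecondWindowLimiter(requests_per_minute)
    return [limiter.try_acquire(t) for t in arrivals]


if __name__ == "__main__":
    # requests_per_minute: 50 * 60 from the example above means 50 requests per second.
    decisions = simulate(50 * 60, [0.0] * 51)
    print("admitted in the first second:", sum(decisions), "of", len(decisions))
```

With the example's `50 * 60` (3000 requests per minute) the limiter admits 50 requests within a one-second window and rejects the 51st until the oldest start time ages out; `wait_time` tells a caller how long to sleep rather than spinning on `try_acquire`.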