The Scan Request endpoint is the method responsible for initializing the scan of a target. Upon request, it returns a unique analysis identifier that should be used later to verify the progress of the process, as well as information about the target host and the vulnerabilities found.
Scan jobs can be configured by passing an optional "preferences" object. To view the full list of options please visit: Scan Preferences
Request
To request the endpoint, you must enter the required credentials, as shown in the following example:
API Key Scan Request
POSThttps://api.vscanner.ai/v1/api/scan
Body
application/json
preferencesobject
urlstring
Response
const response = await fetch('https://api.vscanner.ai/v1/api/scan', {
method: 'POST',
headers: {
"Content-Type": "application/json"
},
body: JSON.stringify({
"preferences": {
"cms_brute_force": 0,
"scan_deep": 3,
"scan_speed": "fast",
"scan_type": "full",
"web_brute_force": 0
},
"url": "example.com"
}),
});
const data = await response.json();
Example cURL request - Initiating a scan with XSS and SQL tasks enabled
curl --location 'https://api.vscanner.ai/v1/api/scan' \
--header 'Authorization: Bearer <API_KEY>' \
--header 'Content-Type: application/json' \
--data '{
curl --location --request POST 'https://api.vscanner.ai/v1/api/scan' \
--header 'Authorization: Bearer <API_KEY>' \
--header 'Content-Type: application/json' \
--data-raw '{
"url": "example.com",
"preferences": {
"scan_type" : "lite",
"cms_brute_force": 0,
"scan_speed": "fast",
"web_brute_force": 0,
"xss": true ,
"sql": true ,
"scan_deep" : 3
}
}'
Example cURL request - Initiating a scan with all crawler options enabled, SQL and XSS
curl --location 'https://api.vscanner.ai/v1/api/scan' \
--header 'Authorization: Bearer <API_KEY>' \
--header 'Content-Type: application/json' \
--data '{
curl --location --request POST 'https://api.vscanner.ai/v1/api/scan' \
--header 'Authorization: Bearer <API_KEY>' \
--header 'Content-Type: application/json' \
--data-raw '{
"url": "example.com",
"preferences": {
"scan_type" : "lite",
"scan_speed": "fast",
"xss": true ,
"sql": true ,
"scan_deep" : 3,
"crawler_options": {
"exposed_emails": true ,
"open_redirect": true ,
"exposed_apikeys": true ,
"open_directory": true ,
"exposed_information": true ,
"backdoor_detection": true ,
"search_url_malware": true
}
}
}'
Example Python request - starting a Full scan
import requests
import json
api_key = <API_KEY>
url = "https://api.vscanner.ai/v1/api/scan"
payload = json.dumps({
"url": "example.com",
# The "preferences" is an optional object used to configure the scanner.
# More information regarding each parameter can be found at:
# https://docs.vscanner.ai/api-docs/vscanner-api-docs/vulnerability-scanner/scanner-preferences
"preferences": {
"scan_type": "full",
"cms_brute_force": 0,
"scan_speed": "fast",
"web_brute_force": 0,
"scan_deep": 3
}
})
headers = {
'Authorization': f'Bearer {api_key}',
'Content-Type': 'application/json'
}
response = requests.request("POST", url, headers=headers, data=payload)
print(response.json())
*Filling in the API_KEY value is mandatory.
Return
The request response, in JSON format, contains the identification of the analysis for monitoring and obtaining the result.
Successful response
{"enqueued_scan_id": "<SCANJOB_ID>"}
Comments
0 comments
Please sign in to leave a comment.