VulnAPI: An Open-Source API Security Vulnerability Scanner

Summary

VulnAPI is an open-source DAST tool designed to help developers and security professionals identify common security vulnerabilities and weaknesses in their APIs. By leveraging its powerful scanning capabilities, users can proactively detect and mitigate potential threats, ensuring their APIs remain secure against exploitation. It supports various scanning methods, including Curl-like commands and OpenAPI contracts, making it versatile for different API testing scenarios.

Repository Info

Updated on October 31, 2025

Introduction

VulnAPI is a powerful, open-source Dynamic Application Security Testing (DAST) tool specifically crafted to scan APIs for common security vulnerabilities and weaknesses. Developed by CerberAuth, this scanner empowers you to proactively identify and address security flaws before they can be exploited by malicious actors. Written in Go, VulnAPI offers robust performance and integrates seamlessly into your security testing workflows.

Installation

Getting started with VulnAPI is straightforward. To download and install the scanner, please refer to the comprehensive Installation documentation on the official VulnAPI website. This guide provides detailed instructions to help you set up the tool quickly and efficiently.

Examples

VulnAPI offers flexible methods for scanning your APIs, catering to different testing needs. Below are examples of its key functionalities.

Discover Command

Before initiating a full scan, the discover command helps you gather useful information about your target API, including OpenAPI definitions, GraphQL endpoints, well-known paths, and potentially exposed files. The output provides a clear table detailing discovered endpoints, technologies, and services.

vulnapi discover api [API_URL]

Scanning with Curl-like CLI

For direct and flexible scanning, VulnAPI allows you to use Curl-like commands, making it easy to adapt existing curl requests for security testing.

vulnapi scan curl [API_URL] [CURL_OPTIONS]

Example:

vulnapi scan curl -X POST https://vulnapi.cerberauth.com/vulnerable/api -H "Authorization: Bearer eyJhbGciOiJub25lIiwidHlwIjoiSldUIn0.eyJzdWIiOiIxMjM0NTY3ODkwIiwiaWF0IjoxNTE2MjM5MDIyfQ."

Scanning with OpenAPI Contracts

For more structured and comprehensive API testing, VulnAPI can take an OpenAPI contract (a local file or a URL) and derive the endpoints to scan from it, so coverage follows your API's specification. A JWT for authenticated requests is supplied on standard input, as in the usage line below.

echo "[JWT_TOKEN]" | vulnapi scan openapi [PATH_OR_URL_TO_OPENAPI_FILE]

Example:

vulnapi scan openapi https://vulnapi.cerberauth.com/vulnerable/.well-known/openapi.json

Detailed Output

Upon completion, VulnAPI generates detailed reports, clearly outlining detected vulnerabilities, their risk levels, CVSS scores, and corresponding OWASP categories. This structured output helps prioritize and address security issues effectively.

Why Use VulnAPI?

VulnAPI is useful for API security for several reasons. It performs dynamic analysis, identifying vulnerabilities that a static code review might miss. Its support for both Curl-like commands and OpenAPI contracts gives it the flexibility to fit different API architectures. By integrating VulnAPI into your CI/CD pipeline, you can automate security testing, catch issues early, and maintain a robust security posture for your APIs. Furthermore, being open-source, it benefits from community contributions and transparency, supporting continuous improvement and reliability.

Links

Explore VulnAPI further through these official resources: