API Vulnerability Scanner from Pentest-Tools.com

Developed by a dedicated team within Pentest-tools.com that has proven hands-on experience in penetration testing and other offensive security work, our new API Vulnerability Scanner is a cutting-edge tool for accurate, deep security examinations of API interfaces.

Having worked on building this tool, software engineer Mihai Pasca highlights its precision in parsing spec files, making tailored testing match API behaviors, and getting results that give you new clues about where to dig deeper:

Tool highlights:

  • Comprehensive vulnerability detection: the scanner identifies vulnerabilities like SQL Injection, Broken Authentication, XML External Entity injection, and many more, using a strong stack of custom-made detectors.
  • Spec file parsing: support for both OpenAPI specifications and Postman Collections. Provide the tool with an API spec, either through a URL or an uploaded file, and it efficiently extracts all endpoints and parameters.
  • Convenient reporting: easily export your findings in various formats, such as PDF, HTML, CSV, XLSX, or DOCX. Each report offers a risk-coded summary, detailed evidence of vulnerabilities, remediation advice, and a full list of performed tests.
  • Regular updates and additions: our 9-engineer team feeds constant improvements into this tool. For instance, we’ve recently included GraphQL API support.

From uncovering Broken Authentication and NoSQL Injection, this tool provides a thorough examination of your API’s security and performance. 

Interested in diving deeper? Mihai’s video demo showcases the tool’s prowess, and you can access a sample report on the tool page.

    Do you own a specialized tool regarding cyber security and want to share it? in that case just send it over and we’ll post it.


    Related articles​

    KnowBe4 Security Awareness Training and Simulated ..

    BY Adina Harabagiu
    Old school Security Awareness Training doesn’t hack it anymore. Today, your employees are frequently exposed..

    Threats Exposures Management from Orange Business ..

    BY Adina Harabagiu
    Threats Exposures Management (TEM) is a security solution offered by Orange Business, that uses artificial ..

    Business Internet Security from Orange Business ..

    BY Adina Harabagiu
    Business Internet Security (BIS) is a Managed Security Service offered by Orange Business Services, available ..