
API Scanner

Users can identify potential vulnerabilities and improve IoT network security.

Access API Scanner via the Navigation Menu

note

Users can scan with the VAPT Tools via the "VAPT Tools" navigation menu. Clicking the "VAPT Tools" menu lists the available tools; click the API Scanner tool.

Select API Scanner Navbar Capture

API Scanner Capture

To scan using the API Scanner, users can follow the steps below.

  1. Enter the task name in the Task Name textbox
  2. Input the target value in the form of domain/URL/IPs
  3. Input the endpoint in the Endpoint Path textbox (optional)
  4. Select the Scan Option – Full Scan or Basic Scan
  5. Choose the API Definition type (WADL, RAML, Postman Collection, Swagger 2, or OpenAPI 3)
  6. Select the API Definition Source, URL or File, and provide the corresponding link or upload the file
  7. Click the agree Terms of Service checkbox
  8. Click the Apply button to start the scan

Access API Scanner Via Targets Page

note

The selected target will be scanned with the tool you choose from the available tools. Select the API Scanner tool.

Select API Scanner Capture

API Scanner Capture

To scan using the API Scanner, users can follow the steps below.

  1. Enter the task name in the Task Name textbox
  2. Input the endpoint in the Endpoint Path textbox (optional)
  3. Select the Scan Option – Full Scan or Basic Scan
  4. Choose the API Definition type (WADL, RAML, Postman Collection, Swagger 2, or OpenAPI 3)
  5. Select the API Definition Source, URL or File, and provide the corresponding link or upload the file
  6. Click the agree Terms of Service checkbox
  7. Click the Start Scan button to start the scan or click Cancel if you want to cancel

Running an Authenticated Scan with API Scanner

Users can follow the steps below.

  1. Enable the authentication feature
  2. Enter the Login Form URL, the authentication endpoint that issues tokens (e.g., https://loginapi.vulnapp.id/tokens)
  3. Enter the Login Request Payload, the login request body in the format the API expects (commonly JSON). Example JSON: {"username":"user1","password":"pass1"}
    note

    Helium does not store any data/credentials on this feature, requests are handled in real-time.

  4. Enter the Auth Token Location, the location of the token in the login response using dot notation for nested fields (e.g., access.token.id)
  5. Enter the Auth Header Name, the HTTP header the scanner will use to send the token (e.g., X-Auth-Token or Authorization)
  6. Enter the Auth Prefix (optional), the prefix placed before the token if the API requires one (e.g., Bearer, so the header value becomes Bearer <token>)
  7. Check the box "I am authorized to scan this target and I agree to the Terms of Service."
  8. Click APPLY to start the authenticated scan
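The following script is an added illustration of what the authenticated-scan settings above describe, not Helium's own code: it shows how a Login Request Payload is posted to the Login Form URL, how the Auth Token Location is resolved with dot notation against the JSON login response, and how the Auth Header Name and optional Auth Prefix combine into the header sent on every subsequent request. The login response embedded below is constructed; the `login()` function, which performs the real HTTP request, is provided for completeness and is not exercised by the offline helpers.

```python
import json
import urllib.request
from typing import Any, Dict, Optional

# Constructed sample of what a Login Form URL might return. Its nesting matches the
# page's "access.token.id" example for the Auth Token Location setting.
SAMPLE_LOGIN_RESPONSE = json.dumps({
    "access": {"token": {"id": "tok-123", "expires": "2030-01-01T00:00:00Z"}},
    "user": {"name": "user1"},
})


def extract_token(response_json: str, token_location: str) -> str:
    """Resolve a dot-notation path (e.g. 'access.token.id') in the login response.

    Numeric segments index into JSON arrays; anything else is a dict key.
    A missing segment or a non-string leaf raises, so a misconfigured Auth Token
    Location fails loudly instead of sending an empty header to the target.
    """
    node: Any = json.loads(response_json)
    for segment in token_location.split("."):
        if isinstance(node, list) and segment.isdigit():
            node = node[int(segment)]
        elif isinstance(node, dict) and segment in node:
            node = node[segment]
        else:
            raise KeyError(f"path {token_location!r} not found at segment {segment!r}")
    if not isinstance(node, str) or not node:
        raise ValueError(f"value at {token_location!r} is not a non-empty string")
    return node


def build_auth_header(header_name: str, token: str, prefix: Optional[str] = None) -> Dict[str, str]:
    """Combine Auth Header Name, optional Auth Prefix and the token into one header."""
    prefix = (prefix or "").strip()
    value = f"{prefix} {token}" if prefix else token
    return {header_name: value}


def login(login_url: str, payload_json: str, token_location: str,
          header_name: str, prefix: Optional[str] = None) -> Dict[str, str]:
    """Post the Login Request Payload and return the header for authenticated requests.

    Nothing is written to disk; the token lives only in the returned dict, mirroring
    the page's note that credentials are handled in real time and not stored.
    """
    req = urllib.request.Request(
        login_url,
        data=payload_json.encode("utf-8"),
        headers={"Content-Type": "application/json"},
        method="POST",
    )
    with urllib.request.urlopen(req, timeout=10) as resp:  # network call; hypothetical endpoint
        body = resp.read().decode("utf-8")
    return build_auth_header(header_name, extract_token(body, token_location), prefix)


if __name__ == "__main__":
    # Offline walk-through using the constructed response instead of a live login.
    token = extract_token(SAMPLE_LOGIN_RESPONSE, "access.token.id")
    print(build_auth_header("Authorization", token, "Bearer"))   # {'Authorization': 'Bearer tok-123'}
    print(build_auth_header("X-Auth-Token", token))              # {'X-Auth-Token': 'tok-123'}
```

A wrong Auth Token Location is the most common reason an authenticated scan silently runs as unauthenticated, which is why `extract_token` refuses to return anything but a non-empty string.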