Vulnerability Scanner

Initializing a Scan

The Scan Request endpoint is the method responsible for initializing the scan of a target. Upon request, it returns a unique analysis identifier that should be used later to verify the progress of the process, as well as information about the target host and the vulnerabilities found.

Scan jobs can be configured by passing an optional "preferences" object. To view the full list of options, see:

Scan Preferences

Request

To call the endpoint, you must supply the required credentials (the API key as a Bearer token in the Authorization header), as shown in the following examples:

Example cURL request - Initiating a scan with XSS and SQL tasks enabled

curl --location --request POST 'https://api.vscanner.ai/v1/api/scan' \
--header 'Authorization: Bearer <API_KEY>' \
--header 'Content-Type: application/json' \
--data-raw '{
    "url": "example.com",
    "preferences": {
        "scan_type": "lite",
        "cms_brute_force": 0,
        "scan_speed": "fast",
        "web_brute_force": 0,
        "xss": true,
        "sql": true,
        "scan_deep": 3
    }
}'

Example cURL request - Initiating a scan with all crawler options enabled, SQL and XSS

curl --location --request POST 'https://api.vscanner.ai/v1/api/scan' \
--header 'Authorization: Bearer <API_KEY>' \
--header 'Content-Type: application/json' \
--data-raw '{
    "url": "example.com",
    "preferences": {
        "scan_type": "lite",
        "scan_speed": "fast",
        "xss": true,
        "sql": true,
        "scan_deep": 3,
        "crawler_options": {
            "exposed_emails": true,
            "open_redirect": true,
            "exposed_apikeys": true,
            "open_directory": true,
            "exposed_information": true,
            "backdoor_detection": true,
            "search_url_malware": true
        }
    }
}'

Example Python request - starting a Full scan

import requests
import json

# Replace the placeholder with your API key (keep the quotes).
api_key = "<API_KEY>"

url = "https://api.vscanner.ai/v1/api/scan"

payload = json.dumps({
  "url": "example.com",

  # The "preferences" object is optional and configures the scanner.
  # More information regarding each parameter can be found at:
  # https://docs.vscanner.ai/api-docs/vscanner-api-docs/vulnerability-scanner/scanner-preferences
  "preferences": {
    "scan_type": "full",
    "cms_brute_force": 0,
    "scan_speed": "fast",
    "web_brute_force": 0,
    "scan_deep": 3
  }
})
headers = {
  'Authorization': f'Bearer {api_key}',
  'Content-Type': 'application/json'
}

response = requests.post(url, headers=headers, data=payload, timeout=30)

# On success the body is {"enqueued_scan_id": "..."}; keep that id to fetch results later.
print(response.json())

*Filling in the API_KEY value is mandatory.

Return

The response, in JSON format, contains the identifier of the scan, which is used to monitor its progress and obtain its results.

Successful response

{"enqueued_scan_id": "<SCANJOB_ID>"}

Getting Results for a Scan

The Fetch Scan by ID endpoint is the method responsible for returning the status, found vulnerabilities, and the percentage of completion of a certain scan. If the scan is in progress, you can still check the partial results.

You can also pass an optional language query parameter to determine the language of the returned response. Note: only vulnerability descriptions and remediations are translated. Currently VScanner supports the following languages:

Language query parameter    Language
en                          English
pt                          Brazilian Portuguese

Scans not initiated

Scans might take some time to get picked up by our workers. In cases where a scan was received and is still in the queue to be processed, fetching the scan will return the following JSON:

{
    "detail" : "Scan not initiated yet"
}

Receiving this message does not indicate an error and the scan will be executed.

Request

To call the endpoint, you must supply the required credentials (the API key as a Bearer token in the Authorization header), as shown in the following examples:

API Key Fetch Scan

GET https://api.vscanner.ai/v1/api/scan/<ENQUEUED_SCAN_ID>?language=en

Fetches the result of a given scan id.

Query Parameters

Name           Type       Description
language       String     Language of the returned vulnerability descriptions: 'pt' for Brazilian Portuguese, 'en' for English. Default: 'en'
issue_types    Boolean    Returns issues grouped by type. Default: false

Example cURL request

curl --location 'https://api.vscanner.ai/v1/api/scan/<ENQUEUED_SCAN_ID>?language=en&issue_types=true' \
--header 'Authorization: Bearer <API_KEY>'

Example Python request

import requests

# Replace both placeholders with real values (keep the quotes).
api_key = "<API_KEY>"

enqueue_scan_id = "<ENQUEUED_SCAN_ID>"

url = f"https://api.vscanner.ai/v1/api/scan/{enqueue_scan_id}"

headers = {
  'Authorization': f"Bearer {api_key}",
}

# A GET request carries no body; language and issue_types may be appended as query parameters.
response = requests.get(url, headers=headers, timeout=30)

print(response.json())

*Filling in the API_KEY value is mandatory.

Return

The request response, in JSON format, contains the results and the status of the scan.

Successful response

For this example response, the URL: https://example.com was used.

JSON Response

{
  "issuesSummaryTotal": 4,
  "issuesCategoriesSummary": {
    "misconfiguration": 3,
    "spoofing": 1
  },
  "issues": [
    {
      "group": "misconfiguration",
      "name": "The X-Frame-Options header is missing",
      "severity": "low",
      "cve": [],
      "cwe": [
        657
      ],
      "cvss": {
        "score": 3.5,
        "detail": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N"
      },
      "remediation": "The X-Frame-Options is an HTTP response header that aids in preventing clickjacking attacks by regulating how a website is rendered on another site's frame, iframe, or object. It has three potential values: 'SAMEORIGIN' (allows rendering on the same domain only), 'DENY' (blocks rendering on any origin), and 'ALLOW-FROM uri' (permits rendering only on a specified origin). To apply X-Frame-Options, add it to the HTTP response on your web server. The implementation varies with the web server software. For example, in Apache, add \"Header set X-Frame-Options 'SAMEORIGIN'\" to the .htaccess file. The 'SAMEORIGIN' value is advised for most websites, allowing intra-domain framing but blocking inter-domain ones.",
      "references": "https://cwe.mitre.org/data/definitions/657.html",
      "description": "The lack of the X-Frame-Options header in the response from the Web application server, makes it possible to hijack on the user's click, where through a malicious indexing of a page on an attacker's website, it could allow the hiding of this domain through an overlay, causing involuntary actions performed by a victim in the background.\nThis type of exploit could make other security vulnerabilities even more serious, such as turning a self-XSS into a reflected one. Self-XSS occurs when a certain user input field is not properly filtered, this type of exploitation that, in theory, would only happen on the attacker's computer and would have to require a lot of interaction from the victim to happen, in addition to just clicking or visiting the page as in other cases, however, the user click hijacking ends up hiding from the victim's eyes what he actually ends up doing,  this exploration can end up triggering what would simply be a self-XSS without any security impact, for a conventional one, such as the reflected one.",
      "raw": {}
    },
    {
      "group": "misconfiguration",
      "name": "X-XSS-Protection header is missing",
      "severity": "medium",
      "cve": [],
      "cwe": [
        79
      ],
      "cvss": {
        "score": 6.5,
        "detail": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"
      },
      "remediation": "The X-XSS-Protection header in the web server response and a Web Application Firewall are recommended to prevent security vulnerabilities like XSS attacks. Adding the X-XSS-Protection header to all web pages can be done through server configuration or direct HTML code insertion. A typical setting, \"X-XSS-Protection: 1; mode=block\", activates browser's XSS protection and blocks any identified XSS attack.",
      "references": "https://cwe.mitre.org/data/definitions/79.html",
      "description": "The X-XSS-Protection header is missing, which could make it easier to Cross-site scripting (XSS) exploration, as on the reviewed site, does not have any filter that could prevent exploitation of this security hole. XSS vulnerability happens due to a parameter that is not well filtered and ends up reflecting entirely everything that is typed by the user via the URL, including HTML tags and JavaScript codes.\nIf successfully exploited this vulnerability could allow that an attacker could craft a fake page within the sitetrue what would bring about a legitimacy in the coup. Furthermore, as this is a flaw in the site, mechanisms for third party protection would be ineffective.\nIf the user's session is shared with other subdomains and the victim is logged in the moment they click the malicious link, an attacker who injected malicious code could capture the victim's session without having to collect passwords and would have the same access privileges as that user. This situation becomes even more serious if a certain session captured for some administrative access, which could cause the elevation of an attacker's privileges or the exploitation of otherssecurity flaws.",
      "raw": {}
    },
    {
      "group": "misconfiguration",
      "name": "X-Content-Type-Options header is missing",
      "severity": "medium",
      "cve": [],
      "cwe": [
        693
      ],
      "cvss": {
        "score": 5.4,
        "detail": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"
      },
      "remediation": "Implement the X-Content-Type-Options header in the server response.",
      "references": "https://cwe.mitre.org/data/definitions/693.html",
      "description": "Failure to use X-Content-Type-Options header could allow an attacker to spoof a certain type of file that would be analyzed through MIME type detection, which could confuse the browser from its actual validation, where it would lead to the execution of othervulnerabilities such as Cross-site scripting. When a file does not have enough information to determine its origin, such as the presence of metadata, browsers determine the extension of that file, from its contents.\nThis type of behavior can become a security risk,if the browser misinterprets a given file in some form of uploading files, for example, a JPEG file could have been misinterpreted, if the content of your file existed HTML tags and Javascript codes, instead of the browser treating this extension as a corrupted image, would execute the codes typed by the user or in a malicious wayby falsifying a victim's request,  after clicking a fake link or visiting a website controlled by an attacker.",
      "raw": {}
    },
    {
      "group": "spoofing",
      "name": "The domain https://example.com may be vulnerable to email spoofing.",
      "severity": "medium",
      "cve": [],
      "cwe": [
        290
      ],
      "cvss": {
        "score": 5.3,
        "detail": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"
      },
      "remediation": "Set up DMARC, DKIM, and SPF for email security. DMARC requires creating a record in your domain's DNS, detailing report address and message failure policy. DKIM involves generating a public/private key pair, publishing the public key in DNS as a TXT record, and configuring your email server to sign messages with the private key. SPF requires creating a DNS record that lists authorized email servers for your domain. Setup can vary with different email server software and hosting providers; check your specific setup's documentation.",
      "references": "https://cwe.mitre.org/data/definitions/290.html",
      "description": "Email spoofing is the creation of email messages with a forged sender address. The term applies to email purporting to be from an address which is not actually the sender's; mail sent in reply to that address may bounce or be delivered to an unrelated party whose identity has been faked. Assistant: ['https://example.com has no SPF record!', 'No DMARC record found. Looking for organizational record', 'No organizational DMARC record']",
      "raw": {}
    }
  ],
  "identificator": "c8697aea-27dd-11ee-8393-86cc806e9f71",
  "issuesSummary": {
    "critical": 0,
    "high": 0,
    "medium": 3,
    "low": 1
  },
  "totalChecked": 23498,
  "information": {
    "services": [
      {
        "state": "open",
        "reason": "syn-ack",
        "name": "http",
        "product": "Edgecast CDN httpd",
        "version": "",
        "port": 80
      },
      {
        "state": "open",
        "reason": "syn-ack",
        "name": "http",
        "product": "Edgecast CDN httpd",
        "version": "",
        "port": 443
      },
      {
        "state": "closed",
        "reason": "reset",
        "name": "bnetgame",
        "product": "",
        "version": "",
        "port": ""
      },
      {
        "state": "closed",
        "reason": "reset",
        "name": "rtmp",
        "product": "",
        "version": "",
        "port": ""
      }
    ],
    "emails": [],
    "components": {
      "Amazon Web Services": null,
      "Azure CDN": null,
      "Amazon ECS": null,
      "Docker": null
    },
    "database": {},
    "web_server": {},
    "os": {},
    "cdn": "Azure CDN",
    "cms": null,
    "certificate": [
      {
        "Issue On": {
          "$date": 1673593200
        },
        "Expires On": {
          "$date": 1707893999
        },
        "commonName": "DigiCert TLS RSA SHA256 2020 CA1",
        "subject": "www.example.org",
        "sha1": "F2:AA:D7:3D:32:68:3B:71:6D:2A:7D:61:B5:1C:6D:57:64:AB:38:99",
        "sha256": "5E:F2:F2:14:26:0A:B8:F5:8E:55:EE:A4:2E:4A:C0:4B:0F:17:18:07:D8:D1:18:5F:DD:D6:74:70:E9:AB:60:96",
        "serial_number": "0c:1f:cb:18:45:18:c7:e3:86:67:41:23:6d:6b:73:f1",
        "subjectAltName": [
          "www.example.org",
          "example.net",
          "example.edu",
          "example.com",
          "example.org",
          "www.example.com",
          "www.example.edu",
          "www.example.net"
        ]
      },
      {
        "Issue On": {
          "$date": 1618380000
        },
        "Expires On": {
          "$date": 1933912799
        },
        "commonName": "DigiCert Global Root CA",
        "subject": "DigiCert TLS RSA SHA256 2020 CA1",
        "sha1": "1C:58:A3:A8:51:8E:87:59:BF:07:5B:76:B7:50:D4:F2:DF:26:4F:CD",
        "sha256": "52:27:4C:57:CE:4D:EE:3B:49:DB:7A:7F:F7:08:C0:40:F7:71:89:8B:3B:E8:87:25:A8:6F:B4:43:01:82:FE:14",
        "serial_number": "06:d8:d9:04:d5:58:43:46:f6:8a:2f:a7:54:22:7e:c4"
      }
    ],
    "waf": [
      "Edgecast (Verizon Digital Media)"
    ],
    "ips": [
      "93.184.216.34"
    ],
    "isp": "Verizon Business",
    "total_checked": 23498
  },
  "preferences": {
    "services_brute_force": 0,
    "web_brute_force": 0,
    "scan_type": "full",
    "leak_data_usage": 0,
    "scan_deep": 3,
    "cms_brute_force": 0,
    "search_in_web_cache": false,
    "scan_speed": "fast"
  },
  "percentage": "97.92",
  "startDate": "2023-07-21T15:46:39.867590Z",
  "endDate": null
}

JSON Response with `issue_types=true`

{
    "issuesSummaryTotal": 4,
    "issuesCategoriesSummary": {
        "misconfiguration": 3,
        "spoofing": 1
    },
    "issues": {
        "headers": {
            "issues": [
                {
                    "group": "misconfiguration",
                    "name": "The X-Frame-Options header is missing",
                    "severity": "low",
                    "cve": [],
                    "cwe": [
                        657
                    ],
                    "cvss": {
                        "score": 3.5,
                        "detail": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N"
                    },
                    "remediation": "The X-Frame-Options is an HTTP response header that aids in preventing clickjacking attacks by regulating how a website is rendered on another site's frame, iframe, or object. It has three potential values: 'SAMEORIGIN' (allows rendering on the same domain only), 'DENY' (blocks rendering on any origin), and 'ALLOW-FROM uri' (permits rendering only on a specified origin). To apply X-Frame-Options, add it to the HTTP response on your web server. The implementation varies with the web server software. For example, in Apache, add \"Header set X-Frame-Options 'SAMEORIGIN'\" to the .htaccess file. The 'SAMEORIGIN' value is advised for most websites, allowing intra-domain framing but blocking inter-domain ones.",
                    "references": "https://cwe.mitre.org/data/definitions/657.html",
                    "description": "The lack of the X-Frame-Options header in the response from the Web application server, makes it possible to hijack on the user's click, where through a malicious indexing of a page on an attacker's website, it could allow the hiding of this domain through an overlay, causing involuntary actions performed by a victim in the background.\nThis type of exploit could make other security vulnerabilities even more serious, such as turning a self-XSS into a reflected one. Self-XSS occurs when a certain user input field is not properly filtered, this type of exploitation that, in theory, would only happen on the attacker's computer and would have to require a lot of interaction from the victim to happen, in addition to just clicking or visiting the page as in other cases, however, the user click hijacking ends up hiding from the victim's eyes what he actually ends up doing,  this exploration can end up triggering what would simply be a self-XSS without any security impact, for a conventional one, such as the reflected one.",
                    "raw": {}
                },
                {
                    "group": "misconfiguration",
                    "name": "X-XSS-Protection header is missing",
                    "severity": "medium",
                    "cve": [],
                    "cwe": [
                        79
                    ],
                    "cvss": {
                        "score": 6.5,
                        "detail": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"
                    },
                    "remediation": "The X-XSS-Protection header in the web server response and a Web Application Firewall are recommended to prevent security vulnerabilities like XSS attacks. Adding the X-XSS-Protection header to all web pages can be done through server configuration or direct HTML code insertion. A typical setting, \"X-XSS-Protection: 1; mode=block\", activates browser's XSS protection and blocks any identified XSS attack.",
                    "references": "https://cwe.mitre.org/data/definitions/79.html",
                    "description": "The X-XSS-Protection header is missing, which could make it easier to Cross-site scripting (XSS) exploration, as on the reviewed site, does not have any filter that could prevent exploitation of this security hole. XSS vulnerability happens due to a parameter that is not well filtered and ends up reflecting entirely everything that is typed by the user via the URL, including HTML tags and JavaScript codes.\nIf successfully exploited this vulnerability could allow that an attacker could craft a fake page within the sitetrue what would bring about a legitimacy in the coup. Furthermore, as this is a flaw in the site, mechanisms for third party protection would be ineffective.\nIf the user's session is shared with other subdomains and the victim is logged in the moment they click the malicious link, an attacker who injected malicious code could capture the victim's session without having to collect passwords and would have the same access privileges as that user. This situation becomes even more serious if a certain session captured for some administrative access, which could cause the elevation of an attacker's privileges or the exploitation of otherssecurity flaws.",
                    "raw": {}
                },
                {
                    "group": "misconfiguration",
                    "name": "X-Content-Type-Options header is missing",
                    "severity": "medium",
                    "cve": [],
                    "cwe": [
                        693
                    ],
                    "cvss": {
                        "score": 5.4,
                        "detail": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"
                    },
                    "remediation": "Implement the X-Content-Type-Options header in the server response.",
                    "references": "https://cwe.mitre.org/data/definitions/693.html",
                    "description": "Failure to use X-Content-Type-Options header could allow an attacker to spoof a certain type of file that would be analyzed through MIME type detection, which could confuse the browser from its actual validation, where it would lead to the execution of othervulnerabilities such as Cross-site scripting. When a file does not have enough information to determine its origin, such as the presence of metadata, browsers determine the extension of that file, from its contents.\nThis type of behavior can become a security risk,if the browser misinterprets a given file in some form of uploading files, for example, a JPEG file could have been misinterpreted, if the content of your file existed HTML tags and Javascript codes, instead of the browser treating this extension as a corrupted image, would execute the codes typed by the user or in a malicious wayby falsifying a victim's request,  after clicking a fake link or visiting a website controlled by an attacker.",
                    "raw": {}
                }
            ]
        },
        "smtp_spoofing": {
            "issues": [
                {
                    "group": "spoofing",
                    "name": "The domain https://example.com may be vulnerable to email spoofing.",
                    "severity": "medium",
                    "cve": [],
                    "cwe": [
                        290
                    ],
                    "cvss": {
                        "score": 5.3,
                        "detail": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"
                    },
                    "remediation": "Set up DMARC, DKIM, and SPF for email security. DMARC requires creating a record in your domain's DNS, detailing report address and message failure policy. DKIM involves generating a public/private key pair, publishing the public key in DNS as a TXT record, and configuring your email server to sign messages with the private key. SPF requires creating a DNS record that lists authorized email servers for your domain. Setup can vary with different email server software and hosting providers; check your specific setup's documentation.",
                    "references": "https://cwe.mitre.org/data/definitions/290.html",
                    "description": "Email spoofing is the creation of email messages with a forged sender address. The term applies to email purporting to be from an address which is not actually the sender's; mail sent in reply to that address may bounce or be delivered to an unrelated party whose identity has been faked. Assistant: ['https://example.com has no SPF record!', 'No DMARC record found. Looking for organizational record', 'No organizational DMARC record']",
                    "raw": {}
                }
            ]
        }
    },
    "identificator": "f8fd4e06-5164-11ee-a5a3-0a03e0f5f0de",
    "issuesSummary": {
        "critical": 0,
        "high": 0,
        "medium": 3,
        "low": 1
    },
    "totalChecked": 24117,
    "information": {
        "services": [
            {
                "state": "open",
                "reason": "syn-ack",
                "name": "http",
                "product": "Edgecast CDN httpd",
                "version": "",
                "port": 80
            },
            {
                "state": "open",
                "reason": "syn-ack",
                "name": "http",
                "product": "Edgecast CDN httpd",
                "version": "",
                "port": 443
            },
            {
                "state": "closed",
                "reason": "reset",
                "name": "bnetgame",
                "product": "",
                "version": "",
                "port": ""
            },
            {
                "state": "closed",
                "reason": "reset",
                "name": "rtmp",
                "product": "",
                "version": "",
                "port": ""
            }
        ],
        "emails": [],
        "components": {
            "Azure": null,
            "Docker": null,
            "Amazon Web Services": null,
            "Amazon ECS": null,
            "DigiCert": null,
            "Azure CDN": null
        },
        "database": {},
        "web_server": {},
        "os": {},
        "cdn": null,
        "cms": null,
        "certificate": [
            {
                "Issue On": {
                    "$date": 1673593200.0
                },
                "Expires On": {
                    "$date": 1707893999.0
                },
                "commonName": "DigiCert TLS RSA SHA256 2020 CA1",
                "subject": "www.example.org",
                "sha1": "F2:AA:D7:3D:32:68:3B:71:6D:2A:7D:61:B5:1C:6D:57:64:AB:38:99",
                "sha256": "5E:F2:F2:14:26:0A:B8:F5:8E:55:EE:A4:2E:4A:C0:4B:0F:17:18:07:D8:D1:18:5F:DD:D6:74:70:E9:AB:60:96",
                "serial_number": "0c:1f:cb:18:45:18:c7:e3:86:67:41:23:6d:6b:73:f1",
                "subjectAltName": [
                    "www.example.org",
                    "example.net",
                    "example.edu",
                    "example.com",
                    "example.org",
                    "www.example.com",
                    "www.example.edu",
                    "www.example.net"
                ]
            },
            {
                "Issue On": {
                    "$date": 1618380000.0
                },
                "Expires On": {
                    "$date": 1933912799.0
                },
                "commonName": "DigiCert Global Root CA",
                "subject": "DigiCert TLS RSA SHA256 2020 CA1",
                "sha1": "1C:58:A3:A8:51:8E:87:59:BF:07:5B:76:B7:50:D4:F2:DF:26:4F:CD",
                "sha256": "52:27:4C:57:CE:4D:EE:3B:49:DB:7A:7F:F7:08:C0:40:F7:71:89:8B:3B:E8:87:25:A8:6F:B4:43:01:82:FE:14",
                "serial_number": "06:d8:d9:04:d5:58:43:46:f6:8a:2f:a7:54:22:7e:c4"
            }
        ],
        "waf": [
            "Edgecast (Verizon Digital Media)"
        ],
        "ips": [
            "93.184.216.34"
        ],
        "isp": "Verizon Business",
        "total_checked": 24117
    },
    "preferences": {
        "scan_type": "full",
        "leak_data_usage": 0,
        "cms_brute_force": 0,
        "scan_speed": "fast",
        "web_brute_force": 0,
        "search_in_web_cache": false,
        "scan_deep": 3
    },
    "percentage": "100.00",
    "startDate": "2023-09-12T12:07:41.099421Z",
    "endDate": "2023-09-12T12:13:52.026544Z"
}
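The two response shapes above (a flat `issues` list, or a dictionary of type buckets when `issue_types=true`), together with the "Scan not initiated yet" reply described earlier, are what a client has to handle when it polls for results. The following added example (not VScanner's own client code) starts a scan, polls the Fetch Scan endpoint until `endDate` is set, and tallies issues by severity and group from either shape, cross-checking the tally against the `issuesSummary` counters the scanner returns. It assumes only the endpoints, request bodies and response keys shown on this page; HTTP status codes are not documented here, so replies are classified by their JSON keys. The transport is injectable, and the canned replies in `fake_transport` are constructed sample data, not real scan output.

```python
"""Start a VScanner scan, poll until it finishes, and summarize the issues (added example)."""
import time
from collections import Counter
from typing import Any, Callable, Optional

try:
    import requests
except ImportError:  # the offline demo below does not need the dependency
    requests = None

BASE_URL = "https://api.vscanner.ai/v1/api"

# Transport: (method, url, headers, json_body) -> parsed JSON. Injectable so the
# logic can be exercised offline with canned responses (see fake_transport).
Transport = Callable[[str, str, dict, Optional[dict]], Any]


def requests_transport(method: str, url: str, headers: dict, body: Optional[dict]) -> Any:
    if requests is None:
        raise RuntimeError("the requests package is required for live calls")
    return requests.request(method, url, headers=headers, json=body, timeout=30).json()


def auth_headers(api_key: str) -> dict:
    return {"Authorization": f"Bearer {api_key}", "Content-Type": "application/json"}


def start_scan(transport: Transport, api_key: str, target: str, preferences: Optional[dict] = None) -> str:
    body = {"url": target}
    if preferences:
        body["preferences"] = preferences
    data = transport("POST", f"{BASE_URL}/scan", auth_headers(api_key), body)
    if "enqueued_scan_id" not in data:
        raise RuntimeError(f"scan request failed: {data}")
    return data["enqueued_scan_id"]


def fetch_scan(transport: Transport, api_key: str, scan_id: str,
               language: str = "en", issue_types: bool = False) -> Any:
    # Query parameters are joined with '&'; only the first one follows '?'.
    url = f"{BASE_URL}/scan/{scan_id}?language={language}&issue_types={str(issue_types).lower()}"
    return transport("GET", url, auth_headers(api_key), None)


def scan_state(data: dict) -> str:
    """Classify a Fetch Scan reply as 'queued', 'running' or 'finished'."""
    if data.get("detail") == "Scan not initiated yet":
        return "queued"      # not an error: the job is waiting for a worker
    if data.get("endDate") is not None:
        return "finished"
    return "running"         # partial results are already usable


def iter_issues(data: dict):
    """Yield issue objects from either response shape: flat list, or grouped by type."""
    issues = data.get("issues", [])
    if isinstance(issues, dict):  # issue_types=true -> {"headers": {"issues": [...]}, ...}
        for bucket in issues.values():
            yield from bucket.get("issues", [])
    else:
        yield from issues


def summarize(data: dict) -> dict:
    issues = list(iter_issues(data))
    by_severity = Counter(i["severity"] for i in issues)
    by_group = Counter(i["group"] for i in issues)
    reported = data.get("issuesSummary", {})
    # Cross-check the scanner's own counters against the issues actually returned.
    consistent = all(reported.get(s, 0) == by_severity.get(s, 0)
                     for s in ("critical", "high", "medium", "low"))
    return {"state": scan_state(data), "percentage": data.get("percentage"),
            "by_severity": dict(by_severity), "by_group": dict(by_group),
            "summary_consistent": consistent}


def wait_for_scan(transport: Transport, api_key: str, scan_id: str,
                  poll_seconds: float = 30, max_polls: int = 120, sleep=time.sleep) -> dict:
    for _ in range(max_polls):
        data = fetch_scan(transport, api_key, scan_id)
        if scan_state(data) == "finished":
            return data
        sleep(poll_seconds)
    raise TimeoutError(f"scan {scan_id} did not finish after {max_polls} polls")


# --- constructed sample data mirroring the shapes on this page (not real scan output) ---
_ISSUES = [
    {"group": "misconfiguration", "name": "The X-Frame-Options header is missing", "severity": "low"},
    {"group": "misconfiguration", "name": "X-Content-Type-Options header is missing", "severity": "medium"},
    {"group": "spoofing", "name": "example.com may be vulnerable to email spoofing.", "severity": "medium"},
]
_SUMMARY = {"critical": 0, "high": 0, "medium": 2, "low": 1}
_END = "2023-09-12T12:13:52.026544Z"


def fake_transport() -> Transport:
    """Canned replies: enqueue, then queued -> running (partial) -> finished on successive polls."""
    replies = iter([
        {"detail": "Scan not initiated yet"},
        {"issues": _ISSUES[:1], "issuesSummary": {"critical": 0, "high": 0, "medium": 0, "low": 1},
         "percentage": "40.00", "endDate": None},
        {"issues": _ISSUES, "issuesSummary": _SUMMARY, "percentage": "100.00", "endDate": _END},
    ])

    def transport(method, url, headers, body):
        assert headers["Authorization"].startswith("Bearer ")
        if method == "POST":
            return {"enqueued_scan_id": "00000000-0000-0000-0000-000000000000"}  # placeholder id
        if "issue_types=true" in url:  # grouped shape
            return {"issues": {"headers": {"issues": _ISSUES[:2]}, "smtp_spoofing": {"issues": _ISSUES[2:]}},
                    "issuesSummary": _SUMMARY, "percentage": "100.00", "endDate": _END}
        return next(replies)
    return transport


def demo(transport: Optional[Transport] = None, api_key: str = "<API_KEY>") -> dict:
    transport = transport or fake_transport()
    scan_id = start_scan(transport, api_key, "example.com", {"scan_type": "lite", "xss": True, "sql": True})
    final = wait_for_scan(transport, api_key, scan_id, poll_seconds=0, sleep=lambda _s: None)
    return summarize(final)
```

Against the live API, call `demo(requests_transport, api_key)` with a real key; `wait_for_scan` then sleeps 30 s between polls. Treating the "Scan not initiated yet" reply as a queued state rather than an error is the detail most ad-hoc clients get wrong, and the `summary_consistent` flag catches a response whose `issuesSummary` does not match the issues actually delivered.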

List scans

Lists all scans for a given user. Scans initiated through the dashboard will also appear here.

Request

Example cURL request

curl --location 'https://api.vscanner.ai/v1/api/list_scans' \
--header 'Authorization: Bearer <API_KEY>'

Example Python request

import requests

# Replace the placeholder with your API key (keep the quotes).
api_key = "<API_KEY>"

url = "https://api.vscanner.ai/v1/api/list_scans"

headers = {
  'Authorization': f"Bearer {api_key}",
}

# A GET request carries no body.
response = requests.get(url, headers=headers, timeout=30)

print(response.json())

*Filling in the API_KEY value is mandatory.

Return

The response, in JSON format, contains one object per scanned URL; each object lists that URL's scans with their identifier, the date when the scan started (as a Unix timestamp) and its progress percentage.

Successful response

JSON

[
    {
        "url": "example.com",
        "scans": [
            {
                "id": "c8697aea-27dd-11ee-8393-86cc806e9f71",
                "startDate": 1689954399,
                "progress": 95.83
            },
            {
                "id": "fdeaa720-27d8-11ee-8393-86cc806e9f71",
                "startDate": 1689952342,
                "progress": 100.0
            },
            {
                "id": "6057209a-1ff6-11ee-90ac-6e4807aa4dd0",
                "startDate": 1689085353,
                "progress": 100.0
            }
        ],
        "total": 3
    },
    {
        "url": "testphp.vulnweb.com",
        "scans": [
            {
                "id": "42492b9a-27d8-11ee-8393-86cc806e9f71",
                "startDate": 1689952027,
                "progress": 100.0
            },
            {
                "id": "c76e8ca6-2748-11ee-b52c-62dd9b1e49be",
                "startDate": 1689890403,
                "progress": 100.0
            }
        ],
        "total": 2
    }
]

Issue Groups

Each vulnerability found by VScanner is referred to as an 'issue'. Every issue discovered belongs to a specific category, identified by its group ID.

Below is a table that lists all possible group IDs that VScanner can return, along with their respective descriptions.

Group ID              Issue Group Description
gain_information      Exposed files (such as .env, .config.json, API keys, etc.) found on the target
weak_components       Outdated software versions
xss                   Cross Site Scripting
sql_injection         SQL Injection
open_directory        Permission failure in the server application that allows files to be read or downloaded
url_malware           Links or redirects were found on the page that point to known malware resources
generic_cve           Software vulnerable to known CVEs
misconfiguration      Misconfigured or missing HTTP response headers
weak_autentication    Successful brute-force attack (only returned if the web_brute_force parameter is passed in the scanner preferences)
open_redirect         Open redirect vulnerability
subdomain_takeover    Returned if a subdomain of the target returns 404. This may indicate that subdomain takeover is possible on the affected subdomain
spoofing              Returned if the target domain does not have DMARC, SPF or DKIM properly configured

Scan Controls

Pause, resume or stop a running scan.

The following are the available controls currently allowed by VScanner.

Control Parameter    Description
pause                Pauses a running scan
resume               Resumes a paused scan
stop                 Stops a running scan

Controls a running scan

POST https://api.vscanner.ai/v1/api/scan_control

Request Body

Name        Type      Description
scan_id*    String    Scan ID of a running scan
control*    String    Which control to send to the scanner. Refer to the table above for allowed parameters

Response

{
    "result": "pause"
}

Get current scan control state

Use this endpoint if you need to check if a scan is running, paused or stopped.

Get scan control

GET https://api.vscanner.ai/v1/api/scan_control/{scan_id}

Query Parameters

Name        Type      Description
scan_id*    String    Scan ID

Response

{
    "control": "stop"
}
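The two Scan Controls endpoints are small, but a client still has to validate the control name, send the correct body, and confirm the new state rather than trust the POST acknowledgement alone. The following added example (not VScanner's own code) does that for pause, resume and stop. It relies only on the endpoints, request body and response keys shown on this page. The transition rules restate the control table (pause and stop apply to a running scan, resume to a paused one); reading the GET reply's `control` field as "the last control accepted", and calling a scan that has received no control yet "running", are this example's assumptions. The stateful `fake_transport` is constructed test data, not real API output.

```python
"""Send a scan control (pause/resume/stop) and read back the resulting state (added example)."""
from typing import Any, Callable, List, Optional

try:
    import requests
except ImportError:  # the offline demo below does not need the dependency
    requests = None

BASE_URL = "https://api.vscanner.ai/v1/api"

# control -> (state the scan must be in, state it is in afterwards); restates the control table
TRANSITIONS = {
    "pause": ("running", "paused"),
    "resume": ("paused", "running"),
    "stop": ("running", "stopped"),
}

Transport = Callable[[str, str, dict, Optional[dict]], Any]


def requests_transport(method: str, url: str, headers: dict, body: Optional[dict]) -> Any:
    if requests is None:
        raise RuntimeError("the requests package is required for live calls")
    return requests.request(method, url, headers=headers, json=body, timeout=30).json()


def auth_headers(api_key: str) -> dict:
    return {"Authorization": f"Bearer {api_key}", "Content-Type": "application/json"}


def current_state(transport: Transport, api_key: str, scan_id: str) -> str:
    """GET /scan_control/{scan_id}: map the last accepted control to a state name."""
    data = transport("GET", f"{BASE_URL}/scan_control/{scan_id}", auth_headers(api_key), None)
    control = data.get("control")
    if control in TRANSITIONS:
        return TRANSITIONS[control][1]
    return "running"  # assumption: no control recorded yet means the scan is still running


def send_control(transport: Transport, api_key: str, scan_id: str, control: str) -> str:
    """POST /scan_control with {scan_id, control}; return the state read back afterwards."""
    if control not in TRANSITIONS:
        raise ValueError(f"unknown control {control!r}; allowed: {sorted(TRANSITIONS)}")
    required, _ = TRANSITIONS[control]
    state = current_state(transport, api_key, scan_id)
    if state != required:
        raise RuntimeError(f"cannot {control} a {state} scan (needs {required})")
    body = {"scan_id": scan_id, "control": control}
    data = transport("POST", f"{BASE_URL}/scan_control", auth_headers(api_key), body)
    if data.get("result") != control:
        raise RuntimeError(f"scanner did not acknowledge {control}: {data}")
    return current_state(transport, api_key, scan_id)  # read back instead of trusting the POST


def fake_transport() -> Transport:
    """Constructed stand-in: remembers the last control per scan id, like the GET endpoint."""
    last_control = {}

    def transport(method, url, headers, body):
        assert headers["Authorization"].startswith("Bearer ")
        if method == "POST":
            last_control[body["scan_id"]] = body["control"]
            return {"result": body["control"]}
        scan_id = url.rsplit("/", 1)[1]
        return {"control": last_control.get(scan_id)}  # no key before the first control
    return transport


def demo(transport: Optional[Transport] = None, api_key: str = "<API_KEY>",
         scan_id: str = "<SCANJOB_ID>") -> List[str]:
    transport = transport or fake_transport()
    return [send_control(transport, api_key, scan_id, c) for c in ("pause", "resume", "stop")]
```

`demo()` walks a scan through pause, resume and stop and returns the state observed after each call; with a real key and scan id, pass `requests_transport` as the transport. The client-side transition check is deliberate: it turns "resume a scan that was never paused" into a clear local error instead of a silent no-op or an unexplained server reply.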
