VulnAPI is an open-source Dynamic Application Security Testing (DAST) tool designed to help developers and security engineers scan APIs for common vulnerabilities and weaknesses before attackers can exploit them.
Scan methods
Discover command
Before scanning, use the discover command to fingerprint a target API: detect exposed files, well-known paths, GraphQL endpoints, OpenAPI specs, and the underlying framework, language, and server.
What it detects
Reports
Each scan produces a detailed report per operation with risk level, CVSS 4.0 score, OWASP category, and a description of every finding.
Additional features
--proxy flag or HTTP_PROXY / HTTPS_PROXY environment variables--sqa-opt-outThis tool is intended for authorised security testing and educational purposes only. Never scan systems you do not own or have explicit written permission to test.
You are about to open
Do you wish to proceed?
Thank you for your report. Information you provided will help us investigate further.
There was an error while sending your report. Please try again later.
Snaps are applications packaged with all their dependencies to run on all popular Linux distributions from a single build. They update automatically and roll back gracefully.
Snaps are discoverable and installable from the Snap Store, an app store with an audience of millions.
On Debian 9 (Stretch) and newer, snap can be installed directly from the command line:
sudo apt update
sudo apt install snapd
After this, install the snapd snap in order to get the latest snapd:
sudo snap install snapd
To install VulnAPI, simply use the following command:
sudo snap install vulnapi
Browse and find snaps from the convenience of your desktop using the snap store snap.
Interested to find out more about snaps? Want to publish your own application? Visit snapcraft.io now.