Search

Contact Us

Log in

For API Scanning

API Vulnerability Scanning

If you have a Single-Page Application that makes XMLHttpRequests (XHR) to an API, Probely will seamlessly follow those requests and scan the API endpoints.

If instead, your APIs integrates with more than one application or with 3rd parties, you will probably need to fully test the API, as you will most likely have a standalone API.

The main difference between these two use-cases lies in the crawler. In the case of a standalone API, it doesn’t need to navigate a web application. Instead, an API schema file is parsed to ensure complete coverage.

We support APIs defined by OpenAPI/Swagger schema files or Postman Collections.

Development team working on a web application

Single Schema File URL

Schema file URL configuration dialog screenshot

Define the schema file URL once, and a new version will be fetched before each scan. There is no need to upload a new schema file every time the API changes.

Schema file URL configuration dialog screenshot

Dynamic Authentication

API Authentication configuration dialog screenshot

If your API requires an authentication token for all requests, which is retrieved beforehand from an authentication endpoint, Probely supports this.

API Authentication configuration dialog screenshot

Attribute Custom Values

API Custom values configuration dialog screenshot

You can set custom values for the attributes used in your schema file.


API Custom values configuration dialog screenshot

Try Probely for free