Getting Comfortable with Acunetix APIs
The Acunetix API is a great way to create your own customised tools to manage the Acunetix functionality.
This document will walk you through using the API Documentation to try out the available API functions for you to perform unit tests to assist you with creating your own tools. You can download the API Documentation here.
Assumptions: You will need to have an installation of Acunetix installed on the same machine where you will be deploying the environment discussed here.
For this example, we will use the API Documentation to retrieve a list of Scans using the "getScans" function through the "/scans" endpoint.
Load the API Documentation file into your browser and using the left-hand-sidebar, scroll down to the section entitled "API Methods - Scans" and click on the "getScans" item.
This will take you to the documentation for this particular function, complete with a sample of the "curl" command line you can use to simulate an API call for your unit testing. In this example, the suggested command is:
curl -X GET -H "X-Auth: [[apiKey]]" "https://127.0.0.1:3443/api/v1/scans?c=&l=&q=&s=" |
As you can see, the URL is pointing to 127.0.0.1:3443 - if you wish to point this request to an installation of Acunetix that is on some other host, you will need to replace the IP Address appropriately.
Also, you will need to substitute the "[[apiKey]]" with your Acunetix API Key, which can be obtained from the Profile page of your Acunetix UI:
...where clicking the "Copy" button will copy your API Key into the clipboard. Now you can replace it into your command line:
curl -X GET -H "X-Auth: 1986ad8c0a5b3df4d7028d5f3c0abcdeffce628fc6a24411491808049a33e872d" "https://127.0.0.1:3443/api/v1/scans?c=&l=&q=&s=" |
Now we need to adjust the parameters following the "?" in the URL.
The simplest form of this request would be to make the request without any parameters:
curl -X GET -H "X-Auth: 1986ad8c0a5b3df4d7028d5f3c0abcdeffce628fc6a24411491808049a33e872d" "https://127.0.0.1:3443/api/v1/scans" |
...which will give you a full list of all the scans. You can use the "-k" option for "curl" to overcome some certificate-check related challenges:
curl -X GET -k -H "X-Auth: 1986ad8c0a5b3df4d7028d5f3c0abcdeffce628fc6a24411491808049a33e872d" "https://127.0.0.1:3443/api/v1/scans" |
Here is an example extract of a response to such a request:
{ "pagination": { "count": 5, "cursor_hash": "8f629dd49f910b9202eb0da5d51fdb6e", "cursors": [ null ], "sort": null }, "scans": [ { "criticality": 10, "current_session": { "acusensor": true, "event_level": 1, "progress": 100, "scan_session_id": "89bcd86a-0b58-4a6b-b60d-72f2351e33ba", "severity_counts": { "high": 8, "info": 6, "low": 12, "medium": 11 }, "start_date": "2020-03-06T10:27:45.859166+00:00", "status": "completed", "threat": 3 }, "incremental": false, "max_scan_time": 0, "next_run": null, "profile_id": "11111111-1111-1111-1111-111111111111", "profile_name": "Full Scan", "report_template_id": null, "scan_id": "86b995f2-63fb-48e0-a785-b335bc372bfa", "schedule": { "disable": false, "history_limit": null, "recurrence": null, "start_date": null, "time_sensitive": false, "triggerable": false }, "target": { "address": "http://testaspnet.vulnweb.com/", "criticality": 10, "description": "Test ASP .NET Site", "type": "default" }, "target_id": "2841ec02-1e15-4454-8417-f03f836b13c4" }, { "criticality": 10, "current_session": { "event_level": 1, "progress": 100, "scan_session_id": "8a12502d-3251-421d-a89a-1856e198a870", "severity_counts": { "high": 11, "info": 4, "low": 7, "medium": 8 }, "start_date": "2020-03-06T10:27:16.613259+00:00", "status": "completed", "threat": 3 }, "incremental": false, "max_scan_time": 0, "next_run": null, "profile_id": "11111111-1111-1111-1111-111111111111", "profile_name": "Full Scan", "report_template_id": null, "scan_id": "1c3a1c3f-c242-4585-8ea0-99c9086591e6", "schedule": { "disable": false, "history_limit": null, "recurrence": null, "start_date": null, "time_sensitive": false, "triggerable": false }, "target": { "address": "http://testasp.vulnweb.com/", "criticality": 10, "description": "Test ASP Site", "type": "default" }, "target_id": "9fc16bf7-7bad-4208-94a4-5da5f6c623ad" }, |
The first part of the response contains pagination information; the second part (of which we can only see a part here) contains information of all the scans that match the request; in this case it will contain ALL the scans since we have not applied any filters (or the first 100 scans since the API allows for a maximum limit of 100 scan responses per request).