How can I optimise my request!? REST API

arestonov

12 Apr, 2017 05:53 PM

Hello, please tell me what I can optimise in my request to the REST API, because the scanner works fine but sometimes it gets an ERROR 500 CODE and I can't delete the scan or do anything. Maybe I have a problem in my request! Please take a look.

request = urllib2.Request(settings.rest_api_server_url[0] + "/scans")
request.add_header('Content-Type', 'application/json')

data = {'url': url, 'checks': ['sql_injection'],
        "http": {
            "user_agent": ["Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.1"]},
        "audit": {"elements": ["links", "forms", "cookies", "headers", "jsons", "xmls", "ui_inputs", "ui_forms"]}}

I'm searching only for SQL injections and need a fast but very stable scan. What can I do better so that the scanner works more stably?

  1. Support Staff 1 Posted by Tasos Laskos on 13 Apr, 2017 01:15 PM

    What does the error say?
    Also, the user_agent option expects a string, not an array of strings.

  2. 2 Posted by dave on 21 Apr, 2017 02:10 PM

    Hi, in the same way as arestonov: where can we find documentation that describes the values we can assign to the POST data parameters?
    I also want to optimize my REST API scan (the default values generate 100000 requests and it doesn't end) and would try, for example, to change the "check" parameter... but which different values are possible?

    Thanks,

    Dave

  3. Support Staff 3 Posted by Tasos Laskos on 23 Apr, 2017 01:32 PM

    The checks parameter accepts the same values as the --checks CLI argument but as an array rather than CSV.

    About option documentation, see:
