How can I optimise my request!? REST API

arestonov

12 Apr, 2017 05:53 PM

Hello, please tell me what I can optimise in my request to the REST API, because the scanner works fine but sometimes it gets an ERROR 500 CODE and I can't delete the scan or do anything. Maybe I have a problem in my request! Please take a look.

    request = urllib2.Request(settings.rest_api_server_url[0] + "/scans")
    request.add_header('Content-Type', 'application/json')

    data = {'url': url, 'checks': ['sql_injection'],
            "http": {
                "user_agent": ["Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.1"]},
            "audit": {"elements": ["links", "forms", "cookies", "headers", "jsons", "xmls", "ui_inputs", "ui_forms"]}}

I'm searching only for SQL injections and need a fast but very stable scan. What can I do better so that the scanner works more stably?

  1. Support Staff 1 Posted by Tasos Laskos on 13 Apr, 2017 01:15 PM

    What does the error say?
    Also, the user_agent option expects a string, not an array of strings.

  2. 2 Posted by dave on 21 Apr, 2017 02:10 PM

    Hi, in the same way as arestonov: where can we find documentation that describes the values we can assign to the POST data parameters?
    I also want to optimize my REST API scan (default values generate 100000 requests and this doesn't end) and would try, for example, to change the "check" parameter... but which different values are possible?

    Thanks,

    Dave

  3. Support Staff 3 Posted by Tasos Laskos on 23 Apr, 2017 01:32 PM

    The checks parameter accepts the same values as the --checks CLI argument but as an array rather than CSV.

    About option documentation, see:

  4. Tasos Laskos closed this discussion on 12 May, 2017 12:44 PM.
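
The two corrections from the replies above (user_agent as a single string, checks as an array rather than CSV) applied to the request from the first post. This is an added example, not part of the original thread and not Arachni's own code; the function names, the target URL and the local base URL are assumptions made for illustration.

```python
import json
import urllib.error
import urllib.request


def build_scan_options(url, checks, user_agent, elements):
    """Build the JSON body for POST /scans, checking the types discussed above."""
    # Accept the CLI-style CSV form and convert it to the array the REST API takes.
    if isinstance(checks, str):
        checks = [c.strip() for c in checks.split(",") if c.strip()]
    if not isinstance(checks, list) or not all(isinstance(c, str) for c in checks):
        raise TypeError("checks must be a list of check names")
    # user_agent is a single string; a list (as in the original request) is rejected.
    if not isinstance(user_agent, str):
        raise TypeError("http.user_agent must be a string, got %s"
                        % type(user_agent).__name__)
    return {
        "url": url,
        "checks": checks,
        "http": {"user_agent": user_agent},
        "audit": {"elements": list(elements)},
    }


def build_scan_request(base_url, options):
    """Return an unsent urllib Request for <base_url>/scans."""
    body = json.dumps(options).encode("utf-8")
    request = urllib.request.Request(base_url.rstrip("/") + "/scans",
                                     data=body, method="POST")
    request.add_header("Content-Type", "application/json")
    return request


def submit(request, timeout=30):
    """Send the request; on an HTTP error return the body so it can be reported."""
    try:
        with urllib.request.urlopen(request, timeout=timeout) as response:
            return response.status, response.read().decode("utf-8", "replace")
    except urllib.error.HTTPError as err:
        # The body of an error response may carry the server's error text; keep it.
        return err.code, err.read().decode("utf-8", "replace")


if __name__ == "__main__":
    # Constructed sample values; the base URL is an assumption for a local server.
    ua = "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.1"
    opts = build_scan_options("http://target.example/", "sql_injection", ua,
                              ["links", "forms", "cookies", "headers"])
    print(build_scan_request("http://127.0.0.1:7331", opts).data.decode("utf-8"))
```

Returning the status and body from `submit` keeps the text of an HTTP 500 available, which is what the first reply asks for.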
