Quick Endpoint Scan - Bugdazz API Scanner

You can now quickly scan API endpoints that are not part of any collection to check them for vulnerabilities. This scan is not much different from scanning a collection; the only difference is that, to use this feature, you need to have an API endpoint along with its parameters (if any exist).

Page Structure & Features 

A. Endpoint Listing - Allows users to view previous scans and search for a specific endpoint scan. 

Search Bar – Filters results upon clicking the search button. 

API Scan Listing – Displays previous scans in descending order based on the last scan date. 

B. API Endpoint Input Form - Users enter API details and initiate a scan. 

Scan Button – Opens a test selection tab for attack type selection. 

Scan Selection – Users choose tests and start the scan or modify request details. 

C. Results Tab - Displays scan results and allows downloading of reports. 

Scan Information Table: 

Scan Duration 

Scan Performed By 

Last Scan Date 

Vulnerability Statistics - A pie chart visualization of detected vulnerabilities. 

Vulnerability List - Displays vulnerabilities in descending order of severity. 

Filters: Severity filter, Title filter. 

Detailed View - Clicking a vulnerability opens a detailed report in a new tab (same as Collection Feature report). 

Download Report Options - HTML, PDF, XLS 

Steps to scan a single API endpoint

Step 1: How to reach this module. 

In the navigation sidebar, you will find an item “Quick API Scan”. Click this button to access the scanning module. 

Step 2: How to input the API data. 

You will now see an input form for entering the API details, such as URL, Header, and Params, along with the type of API (e.g. Get, Post, Patch, Delete).

Step 3: Test case selection 

Click the Scan Now button next to the URL bar, and the test case selection window will appear. Select the test cases you want from those available and choose the throttle to save your selection and move forward.

Step 4: Scan execution and results. 

Click Scan Now and the scan will start running according to the headers and parameters you set. The results will be populated in the results section next to the Parameters tab.

Step 5: Understanding vulnerability details and report download.  

All the vulnerabilities found in the scan are listed in the vulnerability table, and you can click a vulnerability to open its detailed report in a new tab. You can also download the report in the available formats (PDF, HTML, XLS) and use it for further escalations in your team.

 

FAQs: 

Q – Where can I see past/previous execution results of an endpoint? 

A – No, previous execution data is not available. When you rescan an endpoint, the results can be overwritten and the previous results are no longer in the system.

Q – How many endpoints can be scanned by this quick scan feature? 

A – If you are on a trial plan, you can scan only 2 times, while standard and enterprise license users can scan unlimited times. 
