Findings
Operations done on Findings
Base URL
https://app.pentest-tools.com/api/v2
Authorization
Use the "API key" from the profile page as the token
Endpoints
- Method
- get
- Path
- /findings
Query parameters
- Property
- workspace_id
- Type
- integer
ID of the workspace to show findings from.
- Property
- target_id
- Type
- integer
ID of the target to show findings from
- Property
- task_id
- Type
- integer
ID of the scan to show findings from
- Property
- group_duplicates
- Type
- boolean
Group duplicates to show only the latest finding from each group.
Responses
400Invalid parameters
500Internal server error
Request
GET
/findingscurl --request GET \
--url https://app.pentest-tools.com/api/v2/findings \
--header 'accept: application/json' \
--header 'authorization: Bearer {token}'Response
{
"data": []
}OK
- Method
- get
- Path
- /findings/{id}
Path parameters
- Property
- id
- Type
- integer
- required
- Yes
id of finding to get
Responses
500Internal server error
Request
GET
/findings/{id}curl --request GET \
--url https://app.pentest-tools.com/api/v2/findings/{id} \
--header 'accept: application/json' \
--header 'authorization: Bearer {token}'Response
{
"data": {
"id": 420233,
"name": "Vulnerabilities found for Apache Httpd 2.4.10",
"test_description": "Checking for SQL Injection...",
"test_finished": true,
"confirmed": true,
"in_cisa_catalog": true,
"cve": [
"CVE-2017-3167",
"CVE-2019-0217"
],
"vuln_description": "Vulnerabilities found for Apache Httpd 2.4.25 (port 80/tcp)",
"vuln_evidence": {
"type": "text",
"data": {}
},
"risk_description": "…",
"risk_level": 1,
"status": "open",
"recommendation": "…",
"references": [
"…"
],
"verified": true,
"vuln_id": "NETSCAN-SNIPER-CVE-2021-42013-RCE",
"owasp": {
"owasp_2017": "…",
"owasp_2021": "…",
"owasp_2025": "…"
},
"cwe": "…",
"port": 1,
"protocol": "TCP",
"service": "AMQP"
}
}OK