Offensity API Client

This Python 3 script uses our API to export scanprofiles, reports and issue data.

Authentication

Token-based authentication is used to authenticate clients. Tokens can be obtained in your account settings (see API Tokens).

Ratelimit

The API is rate limited to 100 requests per second per user.

Quick start

git clone https://github.com/offensity/offensity-api-client
cd offensity-api-client
python3 -m pip install -r requirements.txt
python3 example.py --token <YOUR_OFFENSITY_API_TOKEN> --verbose

Files

The core logic lives in offensity_api_client.py; example.py demonstrates how to initialize the client and use its methods.

Methods overview

Method ReturnType Fields
scanprofiles_list iterable[dict]
  • is_enabled [bool](optional)
    • None Both enabled & disabled (default)
    • True Only enabled scanprofiles
    • False Only disabled scanprofiles
scanprofile_details dict
  • scanprofile_id [str](mandatory)
    • scanprofile_json.get("id")
report_list iterable[dict]
  • status [str](optional)
    • started Scan in progress
    • cancelled Scan was cancelled
    • success Scan finished (default)
report_list_for_scanprofile iterable[dict]
  • scanprofile_id [str](mandatory)
    • scanprofile_json.get("id")

  • status [str](optional)
    • started Scan in progress
    • cancelled Scan was cancelled
    • success Scan finished (default)
latest_report_for_scanprofile dict
  • scanprofile_id [str](mandatory)
    • scanprofile_json.get("id")

  • status [str](optional)
    • started Scan in progress
    • cancelled Scan was cancelled
    • success Scan finished (default)
report_details dict
  • report_id [str](mandatory)
    • report_json.get("id")
issues dict
  • report_id [str](mandatory)
    • report_json.get("id")
infrastructure_data iterable[dict]
  • report_id [str](mandatory)
    • report_json.get("id")

  • query [str](optional)
    • ip
    • subdomain
    • port
    • service
    • version
    • webtech
    • issues
    • risk
    • statuscode

  • query examples:
    • "ip:127.0.0.1" | "ip:127.0.0.*" | "ip:127.0.0.1/24"
    • "port:21" | "port:53/tcp" | "port:53/udp"
    • "service:*http*" | "service:ssl/http"
    • "subdomain:www.example.com" | "subdomain:*dev*"
    • "version:nginx*" | "version:'Apache httpd'"
    • "webtech:Django" | "webtech:Word*"
    • "issues:SSL" | "issues:'SQL Injection'"
    • "risk:critical" | "risk:low"
    • "statuscode:200" | "statuscode:500" | "statuscode:404"
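
An added example, not part of the Offensity client: a helper that builds and validates a single query term for infrastructure_data before it is sent, which is useful when the value comes from a ticket, a form or other untrusted input. The field list and the single-quote wrapping follow the examples above; the name build_query and the per-field checks for ip, port and statuscode are this example's own assumptions, not the API's documented grammar.

```python
import ipaddress
import re

# Field names the README lists for infrastructure_data's `query` parameter.
QUERY_FIELDS = ("ip", "subdomain", "port", "service", "version",
                "webtech", "issues", "risk", "statuscode")


def _check_ip(value):
    # Forms shown in the README: 127.0.0.1, 127.0.0.*, 127.0.0.1/24
    if "*" in value:
        octets = value.split(".")
        ok = len(octets) == 4 and all(
            o == "*" or (o.isdigit() and int(o) <= 255) for o in octets)
        if not ok:
            raise ValueError(f"bad wildcard IP {value!r}")
    else:
        # Raises ValueError for anything that is not an address or CIDR block.
        ipaddress.ip_network(value, strict=False)


def _check_port(value):
    # Forms shown in the README: 21, 53/tcp, 53/udp
    m = re.fullmatch(r"([0-9]{1,5})(/(tcp|udp))?", value)
    if not m or not 1 <= int(m.group(1)) <= 65535:
        raise ValueError(f"bad port {value!r}")


def _check_statuscode(value):
    if not re.fullmatch(r"[1-5][0-9][0-9]", value):
        raise ValueError(f"bad HTTP status code {value!r}")


# Assumption: only these three fields get a strict format check here.
CHECKS = {"ip": _check_ip, "port": _check_port, "statuscode": _check_statuscode}


def build_query(field, value):
    """Return one 'field:value' term for infrastructure_data(query=...)."""
    if field not in QUERY_FIELDS:
        raise ValueError(f"unknown query field {field!r}")
    value = str(value).strip()
    # Reject quotes and control characters so the value cannot break the quoting.
    if not value or re.search(r"['\"\x00-\x1f]", value):
        raise ValueError(f"empty value or quote/control character in {value!r}")
    CHECKS.get(field, lambda v: None)(value)
    # The README wraps values that contain a space in single quotes.
    return f"{field}:'{value}'" if " " in value else f"{field}:{value}"
```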