Probely offers comprehensive scanning for Single-Page Applications that use XMLHttpRequests (XHR) to communicate with an API, efficiently tracking and scanning API endpoints. This ensures that interactions between the application and the API are thoroughly examined for vulnerabilities.
For APIs that are integrated with multiple applications or third-party services, a more extensive testing approach is necessary. This is particularly true for standalone APIs, which do not require navigation through a web application. In these scenarios, Probely utilizes an API schema file to guide the scanning process, ensuring all aspects of the API are covered.
Probely supports API definitions using OpenAPI/Swagger schema files or Postman Collections, facilitating a flexible and robust approach to API vulnerability scanning, tailored to accommodate various API architectures and integration patterns.
With Probely, managing your API schema becomes a breeze. Simply define the schema file URL once, and Probely will automatically fetch the latest version before each scan. Gone are the days of manually uploading a new schema file every time your API undergoes changes. Probely streamlines the process, saving you time and effort while ensuring accurate and up-to-date security assessments.
If your API requires an authentication token for all requests, which is retrieved beforehand from an authentication endpoint, Probely supports this.
Probely enables you to define custom values for attributes within your schema file, granting you flexibility and control over your application's data structure.
