Acunetix Scanner API

The Acunetix Scanner API allows you to access and manage Scan Targets, Scans, Vulnerabilities, Reports and other resources within an Acunetix Vulnerability Scanner deployment in a simple, programmatic manner using conventional HTTP requests. The API's endpoints are intuitive and powerful, allowing you to easily retrieve information and execute actions.
Scan Targets will constitute the base for accessing any Scan-related resource such as Scans, Reports, Alerts and Crawl results. Therefore, upon deletion of a Scan Target, all associated resource will also be deleted with it.
Visit www.acunetix.com to learn more about Acunetix Vulnerability Scanner.

Version	1.1.3
URL	https://www.acunetix.com/support
Contact	support@acunetix.com
License	Acunetix EULA

Authentication

All authenticated requests made to the Acunetix Scanner API must include the X-Auth HTTP header.

Location	Header
Name	`X-Auth`

Endpoints

curl --request GET \
                         --url http://acunetix-installation/api/v1/targets?c={c}&l={l}&q={q} \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Returns a list of Targets. The returned list will be paginated if the number of elements exceeds 100

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`c`	See more.	string	query
`l`	See more.	integer	query
`q`	See more.	string	query

Responses

Code	Description	Body
200	Target list	{ Targets list targets: [ { all of: { address: string (host\|url) Target URL or hostname description: string Target description type: string The type of the target (default, network or demo) Enum: Array [3] 0: "default" 1: "demo" 2: "network" criticality: integer Target criticality (Critical [30], High [20], Normal [10], Low [0]) Enum: Array [4] 0: "30" 1: "20" 2: "10" 3: "0" } { target_id: string (uuid) Target unique identifier scan_authorization: { url: string (url) content: string } continuous_mode: boolean Continuous Mode enabled last_scan_date: string (date) Last date the Target was scanned on last_scan_id: string (uuid) Last Scan unique identifier for the Target last_scan_session_id: string (uuid) last_scan_session_status: string severity_counts: { high: integer High-severity Vulnerability count medium: integer Medium-severity Vulnerability count low: integer Low-severity Vulnerability count info: integer Informational Alert count } threat: integer links: [ Target quick-access links (last scan, report) { rel: string Name or type of relation href: string (url) Location of related item } ] manual_intervention: boolean Target requires manual intervention verification: string The verification status of the target (none, auto, admin or demo) } } ] pagination: { next_cursor: string Next page cursor previous_cursor: string Previous page cursor } }
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request POST \
                         --url http://acunetix-installation/api/v1/targets \
     --data {body} \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Creates a Target

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`address *`	Target URL or hostname	string (`host\|url`)	body
`description`	Target description	string	body
`type`	The type of the target (default, network or demo)	string	body
`criticality`	Target criticality (Critical [30], High [20], Normal [10], Low [0])	integer	body

Responses

Code Description Body Headers

201

Target created

{

all of:

{

address:

string (host|url)

Target URL or hostname

description:

string

Target description

type:

string

The type of the target (default, network or demo)

Enum:

Array [3]

0: "default"

1: "demo"

2: "network"

criticality:

integer

Target criticality (Critical [30], High [20], Normal [10], Low [0])

Enum:

Array [4]

0: "30"

1: "20"

2: "10"

3: "0"

}

{

target_id:

string (uuid)

Target unique identifier

scan_authorization:

{

url:

string (url)

content:

string

}

continuous_mode:

boolean

Continuous Mode enabled

last_scan_date:

string (date)

Last date the Target was scanned on

last_scan_id:

string (uuid)

Last Scan unique identifier for the Target

last_scan_session_id:

string (uuid)

last_scan_session_status:

string

severity_counts:

{

high:

integer

High-severity Vulnerability count

medium:

integer

Medium-severity Vulnerability count

low:

integer

Low-severity Vulnerability count

info:

integer

Informational Alert count

}

threat:

integer

links:

[

Target quick-access links (last scan, report)

{

rel:

string

Name or type of relation

href:

string (url)

Location of related item

}

]

manual_intervention:

boolean

Target requires manual intervention

verification:

string

The verification status of the target (none, auto, admin or demo)

}

Name	Schema
`Location`	string (url) Target URI

default

Error

{

Error processing request

code:

integer

reason:

string

Localized error message

details:

[

string

]

}

curl --request GET \
                         --url http://acunetix-installation/api/v1/targets/{target_id} \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Returns a list of Target properties

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`target_id *`	See more.	string	path

Responses

Code	Description	Body
200	Target properties	{ all of: { address: string (host\|url) Target URL or hostname description: string Target description type: string The type of the target (default, network or demo) Enum: Array [3] 0: "default" 1: "demo" 2: "network" criticality: integer Target criticality (Critical [30], High [20], Normal [10], Low [0]) Enum: Array [4] 0: "30" 1: "20" 2: "10" 3: "0" } { target_id: string (uuid) Target unique identifier scan_authorization: { url: string (url) content: string } continuous_mode: boolean Continuous Mode enabled last_scan_date: string (date) Last date the Target was scanned on last_scan_id: string (uuid) Last Scan unique identifier for the Target last_scan_session_id: string (uuid) last_scan_session_status: string severity_counts: { high: integer High-severity Vulnerability count medium: integer Medium-severity Vulnerability count low: integer Low-severity Vulnerability count info: integer Informational Alert count } threat: integer links: [ Target quick-access links (last scan, report) { rel: string Name or type of relation href: string (url) Location of related item } ] manual_intervention: boolean Target requires manual intervention verification: string The verification status of the target (none, auto, admin or demo) } }
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request PATCH \
                         --url http://acunetix-installation/api/v1/targets/{target_id} \
     --data {body} \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Modifies a Target

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`address *`	Target URL or hostname	string (`host\|url`)	body
`description`	Target description	string	body
`type`	The type of the target (default, network or demo)	string	body
`criticality`	Target criticality (Critical [30], High [20], Normal [10], Low [0])	integer	body
`target_id *`	See more.	string	path

Responses

Code	Description	Body
204	Target modified	No schema
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request DELETE \
                         --url http://acunetix-installation/api/v1/targets/{target_id} \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Deletes Target

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`target_id *`	See more.	string	path

Responses

Code	Description	Body
200	Target deleted	{ target_deletion_allowance: integer target_deletion_consumed: boolean }
204	Target deleted	No schema
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request GET \
                         --url http://acunetix-installation/api/v1/targets/{target_id}/continuous_scan \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Returns the Continuous Scan status of a Target

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`target_id *`	See more.	string	path

Responses

Code	Description	Body
200	Continuous Scan status	{ enabled: boolean }
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request POST \
                         --url http://acunetix-installation/api/v1/targets/{target_id}/continuous_scan \
     --data {body} \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Sets the Continuous Scan status of a Target

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`enabled *`	No description.	boolean	body
`target_id *`	See more.	string	path

Responses

Code	Description	Body
204	Continuous Scan status set	No schema
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request POST \
                         --url http://acunetix-installation/api/v1/targets/{target_id}/sensor/reset \
     --data {body} \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Resets the AcuSensor secret of a Target

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`secret`	No description.	string (`md5`)	body
`target_id *`	See more.	string	path

Responses

Code	Description	Body
200	Target AcuSensor secret reset	{ AcuSensor secret reset (random secret generated if none set) secret: string (md5) }
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request GET \
                         --url http://acunetix-installation/api/v1/targets/sensors/{sensor_type}/{sensor_secret} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Downloads the generated AcuSensor file of a Target

Consumes	Produces
`application/json`	`application/octet-stream`

Parameters

Name	Description	Type	Location
`sensor_type *`	See more.	string	path
`sensor_secret *`	See more.	string	path

Responses

Code	Description	Body
200	Target AcuSensor file
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request GET \
                         --url http://acunetix-installation/api/v1/targets/{target_id}/allowed_hosts \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Returns a list of Allowed Hosts of a Target

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`target_id *`	See more.	string	path

Responses

Code	Description	Body
200	Allowed Hosts list	{ List of Allowed Hosts hosts: [ { target_id: string (uuid) Target unique identifier address: string (host\|url) Target URL or hostname description: string Target description } ] }
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request POST \
                         --url http://acunetix-installation/api/v1/targets/{target_id}/allowed_hosts \
     --data {body} \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Adds Allowed Hosts to a Target

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`target_id`	No description.	string (`uuid`)	body
`target_id *`	See more.	string	path

Responses

Code	Description	Body
204	Allowed Host added	No schema
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request DELETE \
                         --url http://acunetix-installation/api/v1/targets/{target_id}/allowed_hosts/{allowed_target_id} \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Deletes an Allowed Host from a Target

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`target_id *`	See more.	string	path
`allowed_target_id *`	See more.	string	path

Responses

Code	Description	Body
204	Allowed Host deleted	No schema
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request GET \
                         --url http://acunetix-installation/api/v1/targets/{target_id}/configuration \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Returns a Target's configuration

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`target_id *`	See more.	string	path

Responses

Code	Description	Body
200	Target Configuration properties	{ issue_tracker_id: string (uuid\|empty) limit_crawler_scope: boolean Limit crawling to Target URI and sub-directories only login: { kind: string Form Authentication method (None, Automatic, Sequence) Enum: Array [3] 0: "none" 1: "automatic" 2: "sequence" credentials: { enabled: boolean User account is enabled username: string User account username password: string User account SHA256 password hash } } sensor: boolean AcuSensor configured sensor_secret: string AcuSensor secret ssh_credentials: { kind: string SSH authentication method Enum: Array [3] 0: "none" 1: "key" 2: "password" username: string SSH host username port: integer (int32) SSH host port password: string SSH host password ssh_key: string SSH key key_password: string SSH key passphrase } proxy: { System proxy settings protocol: string Proxy protocol Enum: Array [1] 0: "http" address: string (host) Proxy address port: integer Proxy port username: string Proxy username password: string Proxy password enabled: boolean Proxy enabled } authentication: client_certificate_password: string Client Certificate password scan_speed: string HTTP request send rate (Fast, Moderate, Slow, Sequential) Enum: Array [4] 0: "fast" 1: "moderate" 2: "slow" 3: "sequential" case_sensitive: string Case-sensitive crawling Enum: Array [3] 0: "yes" 1: "no" 2: "auto" technologies: [ Technologies enumerated string Enum: Array [10] 0: "ASP" 1: "ASP.NET" 2: "PHP" 3: "Perl" 4: "Java/J2EE" 5: "ColdFusion/Jrun" 6: "Python" 7: "Rails" 8: "FrontPage" 9: "Node.js" ] custom_headers: [ Custom HTTP headers set string (header) ] custom_cookies: [ (0..10) Custom cookies set { cookie: string Custom Cookies value url: string (url) Custom Cookies URL } ] excluded_paths: [ Paths excluded from the Scan scope string (path_match) ] user_agent: string User-agent string set debug: boolean Debug mode excluded_hours_id: string (uuid\|empty) }
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request PATCH \
                         --url http://acunetix-installation/api/v1/targets/{target_id}/configuration \
     --data {body} \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Modifies a Target's configuration

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`configuration`	See more.		body
`target_id *`	See more.	string	path

Responses

Code	Description	Body
204	Target Configuration modified	No schema
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

Description

Downloads the Login Sequence file of a Target

Consumes	Produces
`application/json`	`application/octet-stream`

Parameters

Name	Description	Type	Location
`target_id *`	See more.	string	path

Responses

Code	Description	Body
200	Login Sequence
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

Description

Returns a list of a Target's Login Sequence properties

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`target_id *`	See more.	string	path

Responses

Code	Description	Body
200	Login Sequence properties	{ upload_id: string (uuid) Uploaded file unique identifier name: string (filename) Uploaded file name size: integer (int32) Uploaded file size status: boolean Uploaded file status current_size: integer Uploaded file current size }
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request POST \
                         --url http://acunetix-installation/api/v1/targets/{target_id}/configuration/login_sequence \
     --data {body} \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Sets a Login Sequence for a Target

After the operation completes the Login Sequence file (.lsr format) needs to be uploaded via a POST request to the URL returned in the response using application/octet-stream Content-Type within a timeout period. To apply the Login Sequence once uploaded, update the Target's configuration

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`name`	File name	string (`filename`)	body
`size`	File size in bytes	integer (`int32`)	body
`target_id *`	See more.	string	path

Responses

Code	Description	Body
200	Login Sequence temporary file upload URL	{ Temporary file upload URL upload_url: string (url) }
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

Description

Un-sets and Deletes Login Sequence for a Target

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`target_id *`	See more.	string	path

Responses

Code	Description	Body
204	Login Sequence unset and deleted	No schema
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request GET \
                         --url http://acunetix-installation/api/v1/targets/{target_id}/configuration/client_certificate \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Returns a list of a Target's Client Certificate properties

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`target_id *`	See more.	string	path

Responses

Code	Description	Body
200	Client Certificate properties	{ upload_id: string (uuid) Uploaded file unique identifier name: string (filename) Uploaded file name size: integer (int32) Uploaded file size status: boolean Uploaded file status current_size: integer Uploaded file current size }
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request POST \
                         --url http://acunetix-installation/api/v1/targets/{target_id}/configuration/client_certificate \
     --data {body} \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Sets a Client Certificate for a Target

After the operation completes, the Client Certificate file (PKCS12 format) needs to be uploaded via a POST request to the URL returned in the response using an application/octet-stream Content-Type within a timeout period. To apply the Client Certificate once uploaded, update the Target's configuration

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`name`	File name	string (`filename`)	body
`size`	File size in bytes	integer (`int32`)	body
`target_id *`	See more.	string	path

Responses

Code	Description	Body
200	Temporary Client Certificate file upload URL	{ Temporary file upload URL upload_url: string (url) }
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request DELETE \
                         --url http://acunetix-installation/api/v1/targets/{target_id}/configuration/client_certificate \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Un-sets and Deletes a Client Certificate and its password for a Target

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`target_id *`	See more.	string	path

Responses

Code	Description	Body
204	Client Certificate and password unset and deleted	No schema
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request GET \
                         --url http://acunetix-installation/api/v1/targets/{target_id}/configuration/imports \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Returns a list of a Target's Import properties

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`target_id *`	See more.	string	path

Responses

Code	Description	Body
200	Import properties	{ Uploaded file properties files: [ { upload_id: string (uuid) Uploaded file unique identifier name: string (filename) Uploaded file name size: integer (int32) Uploaded file size status: boolean Uploaded file status current_size: integer Uploaded file current size } ] }
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request POST \
                         --url http://acunetix-installation/api/v1/targets/{target_id}/configuration/imports \
     --data {body} \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Adds an Import to a Target to be used with each scan

After the operation completes, the Import file (Acunetix HTTP Sniffer, Telerik Fiddler SAZ, PortSwigger Burp State/Export XML, HTTP Archive, and Plain Text formats) needs to be uploaded via a POST request to the URL returned in the response using an application/octet-stream Content-Type within a timeout period. To apply the Client Certificate once uploaded, update the Target's configuration

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`name`	File name	string (`filename`)	body
`size`	File size in bytes	integer (`int32`)	body
`target_id *`	See more.	string	path

Responses

Code	Description	Body
200	Import temporary file upload URL	{ Temporary file upload URL upload_url: string (url) }
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request DELETE \
                         --url http://acunetix-installation/api/v1/targets/{target_id}/configuration/imports/{import_id} \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Un-sets and Delete Import for a Target

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`target_id *`	See more.	string	path
`import_id *`	See more.	string	path

Responses

Code	Description	Body
204	Import unset and deleted	No schema
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request GET \
                         --url http://acunetix-installation/api/v1/targets/{target_id}/configuration/exclusions \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Returns a list of a excluded paths

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`target_id *`	See more.	string	path

Responses

Code	Description	Body
200	Excluded path list	{ excluded_paths: [ (0..512) Paths excluded from the Scan scope string (path_match) ] }
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request POST \
                         --url http://acunetix-installation/api/v1/targets/{target_id}/configuration/exclusions \
     --data {body} \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Updates the list of the excluded paths

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`add`	A list of exclusions to be added to the list	object	body
`delete`	A list of exclusions to be deleted from the list	object	body
`target_id *`	See more.	string	path

Responses

Code	Description	Body
204	Excluded path list updated	No schema
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request GET \
                         --url http://acunetix-installation/api/v1/scans?c={c}&l={l}&q={q} \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Returns a list of Scans. The returned list will be paginated if the number of elements exceeds 100. Additionally, a combination of cursors, queries and limits can be used to extract a subset of all the scans.

Get all scans

curl --request GET --url "https://localhost:3443/api/v1/scans" --header "X-Auth: API_KEY" --header "Content-type: application/json"

Get the 2nd (`cursor`) up to 4th (`limit` - exclusive) list of scans

curl --request GET --url "https://localhost:3443/api/v1/scans?c=2&l=1" --header "X-Auth: API_KEY" --header "Content-type: application/json"

Get the 2nd (`cursor`) up to 4th (`limit` - exclusive) list of scans that have high severity vulnerabilities for a specific target

curl --request GET --url "https://localhost:3443/api/v1/scans?c=2&l=1&q=threat:3;target_id:TARGET_ID" --header "X-Auth: API_KEY" --header "Content-type: application/json"

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`c`	See more.	string	query
`l`	See more.	integer	query
`q`	See more.	string	query

Responses

Code	Description	Body
200	Scans list	{ Paginated list of Scans scans: [ { all of: { user_authorized_to_scan: string Enum: Array [1] 0: "yes" target_id: string (uuid) Scan target's ID profile_id: string (uuid) Scanning profile (e.g. "Crawl Only", "Full Scan") ID. Note: Custom scanning profiles may have randomized IDs List of built-in scanning profiles: Full Scan: 11111111-1111-1111-1111-111111111111 High Risk Vulnerabilities: 11111111-1111-1111-1111-111111111112 Cross-site Scripting Vulnerabilities: 11111111-1111-1111-1111-111111111116 SQL Injection Vulnerabilities: 11111111-1111-1111-1111-111111111113 Weak Passwords: 11111111-1111-1111-1111-111111111115 Crawl Only: 11111111-1111-1111-1111-111111111117 report_template_id: string (uuid) Report Template (e.g. "Developer Report", "OWASP Top 10 2017") ID List of built-in report templates and their IDs: Developer: 11111111-1111-1111-1111-111111111111 Quick: 11111111-1111-1111-1111-111111111112 Executive Summary: 11111111-1111-1111-1111-111111111113 HIPAA: 11111111-1111-1111-1111-111111111114 Affected Items: 11111111-1111-1111-1111-111111111115 Scan Comparison: 11111111-1111-1111-1111-111111111124 CWE 2011: 11111111-1111-1111-1111-111111111116 ISO 27001: 11111111-1111-1111-1111-111111111117 NIST SP800 53: 11111111-1111-1111-1111-111111111118 OWASP Top 10 2013: 11111111-1111-1111-1111-111111111119 OWASP Top 10 2017: 11111111-1111-1111-1111-111111111125 PCI DSS 3.2: 11111111-1111-1111-1111-111111111120 Sarbanes Oxley: 11111111-1111-1111-1111-111111111121 STIG DISA: 11111111-1111-1111-1111-111111111122 WASC Threat Classification: 11111111-1111-1111-1111-111111111123 next_run: string (date) Next scheduled Scan date schedule: { Defines the schedule for the when an event (e.g. a Scan) is to occur and at what frequency. Example Schedule event to occur on a weekly basis (`FREQ=WEEKLY`), on every third week (`INTERVAL=3`) on a Thursday (`BYDAY=TH`) `"schedule":{ "disable":false, "recurrence":"DTSTART:20180112T003000Z\nFREQ=WEEKLY;INTERVAL=3;BYDAY=TH", "time_sensitive":true }` disable: boolean Schedule is disabled time_sensitive: boolean Scan Schedule is time-sensitive history_limit: integer (int32) Number of Scans to retain for a Schedule maximum:10 start_date: string (date-time\|null) The (inclusive) start time of the schedule For a recurring schedule, this is the start time of the first instance. Formatted as described in RFC3339 http://xml2rfc.ietf.org/public/rfc/html/rfc3339.html#anchor14 recurrence: string (rrule) Recurrence specification as described in RFC5545 (http://tools.ietf.org/html/rfc5545) } ui_session_id: string (md5) For internal use only } { current_session: { Information about the current scan that is running. This will include information about the progress and severity counts (e.g. `"low": 0`) status: string Scan status (Scheduled, Processing, Aborted, Completed, Failed) Enum: Array [10] 0: "scheduled" 1: "queued" 2: "starting" 3: "processing" 4: "aborting" 5: "aborted" 6: "pausing" 7: "paused" 8: "completed" 9: "failed" event_level: integer severity_counts: { high: integer High-severity Vulnerability count medium: integer Medium-severity Vulnerability count low: integer Low-severity Vulnerability count info: integer Informational Alert count } progress: integer Percentage of Scan progress complete maximum:100 start_date: string (date) Scan start date threat: integer scan_session_id: string (uuid) } previous_session: { } } { target: { address: string (host\|url) Target URL or hostname description: string Target description type: string The type of the target (default, network or demo) Enum: Array [3] 0: "default" 1: "demo" 2: "network" criticality: integer Target criticality (Critical [30], High [20], Normal [10], Low [0]) Enum: Array [4] 0: "30" 1: "20" 2: "10" 3: "0" } criticality: integer profile_name: string Scanning Profile name scan_id: string (uuid) Scan unique identifier start_date: string (date-time) Scan start date } } ] pagination: { next_cursor: string Next page cursor previous_cursor: string Previous page cursor } }
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request POST \
                         --url http://acunetix-installation/api/v1/scans \
     --data {body} \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Schedule a scan to run, by optionally specifying the target, schedule, scan type, report and recurrence.

Note: The Scan ID is not provided in the response body. It is instead provided in the Location response header.
Note: For any cURL requests, POST data inside the --data parameter may need to have double-quotes escaped (" -> \")

Schedule a "Full Scan" for a Scan Target to run immediately

curl --request POST --url "https://acunetix-installation/api/v1/scans" --header "X-Auth: {API_KEY}" --header "Content-Type: application/json" --data '{"target_id": "{TARGET_UUID}", "profile_id": "11111111-1111-1111-1111-111111111111", "schedule": {"disable":false,"start_date":null,"time_sensitive":false}}'

Schedule a "Crawl Only" scan for a Scan Target to run every third Thursday

curl --request POST --url "https://acunetix-installation/api/v1/scans" --header "X-Auth: {API_KEY}" --header "Content-Type: application/json" --data "{"target_id":"{TARGET_ID}","profile_id":"11111111-1111-1111-1111-111111111111","schedule":{"disable":false,"recurrence":"DTSTART:20180112T003000Z\nFREQ=WEEKLY;INTERVAL=1;BYDAY=TH","time_sensitive":true}}"

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`user_authorized_to_scan`	No description.	string	body
`target_id *`	Scan target's ID	string (`uuid`)	body
`profile_id *`	Scanning profile (e.g. "Crawl Only", "Full Scan") ID. Note: Custom scanning profiles may have randomized IDs List of built-in scanning profiles: Full Scan: 11111111-1111-1111-1111-111111111111 High Risk Vulnerabilities: 11111111-1111-1111-1111-111111111112 Cross-site Scripting Vulnerabilities: 11111111-1111-1111-1111-111111111116 SQL Injection Vulnerabilities: 11111111-1111-1111-1111-111111111113 Weak Passwords: 11111111-1111-1111-1111-111111111115 Crawl Only: 11111111-1111-1111-1111-111111111117	string (`uuid`)	body
`report_template_id`	Report Template (e.g. "Developer Report", "OWASP Top 10 2017") ID List of built-in report templates and their IDs: Developer: 11111111-1111-1111-1111-111111111111 Quick: 11111111-1111-1111-1111-111111111112 Executive Summary: 11111111-1111-1111-1111-111111111113 HIPAA: 11111111-1111-1111-1111-111111111114 Affected Items: 11111111-1111-1111-1111-111111111115 Scan Comparison: 11111111-1111-1111-1111-111111111124 CWE 2011: 11111111-1111-1111-1111-111111111116 ISO 27001: 11111111-1111-1111-1111-111111111117 NIST SP800 53: 11111111-1111-1111-1111-111111111118 OWASP Top 10 2013: 11111111-1111-1111-1111-111111111119 OWASP Top 10 2017: 11111111-1111-1111-1111-111111111125 PCI DSS 3.2: 11111111-1111-1111-1111-111111111120 Sarbanes Oxley: 11111111-1111-1111-1111-111111111121 STIG DISA: 11111111-1111-1111-1111-111111111122 WASC Threat Classification: 11111111-1111-1111-1111-111111111123	string (`uuid`)	body
`next_run`	Next scheduled Scan date	string (`date`)	body
`schedule *`	Defines the schedule for the when an event (e.g. a Scan) is to occur and at what frequency. Example Schedule event to occur on a weekly basis (`FREQ=WEEKLY`), on every third week (`INTERVAL=3`) on a Thursday (`BYDAY=TH`) `"schedule":{ "disable":false, "recurrence":"DTSTART:20180112T003000Z\nFREQ=WEEKLY;INTERVAL=3;BYDAY=TH", "time_sensitive":true }`	object	body
`ui_session_id`	For internal use only	string (`md5`)	body

Responses

Code Description Body Headers

201

Scan scheduled

{

all of:

{

user_authorized_to_scan:

string

Enum:

Array [1]

0: "yes"

target_id:

string (uuid)

Scan target's ID

profile_id:

string (uuid)

Scanning profile (e.g. "Crawl Only", "Full Scan") ID.

Note: Custom scanning profiles may have randomized IDs

List of built-in scanning profiles:

Full Scan: 11111111-1111-1111-1111-111111111111
High Risk Vulnerabilities: 11111111-1111-1111-1111-111111111112
Cross-site Scripting Vulnerabilities: 11111111-1111-1111-1111-111111111116
SQL Injection Vulnerabilities: 11111111-1111-1111-1111-111111111113
Weak Passwords: 11111111-1111-1111-1111-111111111115
Crawl Only: 11111111-1111-1111-1111-111111111117

report_template_id:

string (uuid)

Report Template (e.g. "Developer Report", "OWASP Top 10 2017") ID

List of built-in report templates and their IDs:

Developer: 11111111-1111-1111-1111-111111111111
Quick: 11111111-1111-1111-1111-111111111112
Executive Summary: 11111111-1111-1111-1111-111111111113
HIPAA: 11111111-1111-1111-1111-111111111114
Affected Items: 11111111-1111-1111-1111-111111111115
Scan Comparison: 11111111-1111-1111-1111-111111111124
CWE 2011: 11111111-1111-1111-1111-111111111116
ISO 27001: 11111111-1111-1111-1111-111111111117
NIST SP800 53: 11111111-1111-1111-1111-111111111118
OWASP Top 10 2013: 11111111-1111-1111-1111-111111111119
OWASP Top 10 2017: 11111111-1111-1111-1111-111111111125
PCI DSS 3.2: 11111111-1111-1111-1111-111111111120
Sarbanes Oxley: 11111111-1111-1111-1111-111111111121
STIG DISA: 11111111-1111-1111-1111-111111111122
WASC Threat Classification: 11111111-1111-1111-1111-111111111123

next_run:

string (date)

Next scheduled Scan date

schedule:

{

Defines the schedule for the when an event (e.g. a Scan) is to occur
and at what frequency.

Example

Schedule event to occur on a weekly basis (FREQ=WEEKLY), on every
third week (INTERVAL=3) on a Thursday (BYDAY=TH)


"schedule":{
                "disable":false,
                "recurrence":"DTSTART:20180112T003000Z\nFREQ=WEEKLY;INTERVAL=3;BYDAY=TH",
                "time_sensitive":true
}

disable:

boolean

Schedule is disabled

time_sensitive:

boolean

Scan Schedule is time-sensitive

history_limit:

integer (int32)

Number of Scans to retain for a Schedule

maximum:10

start_date:

string (date-time|null)

The (inclusive) start time of the schedule For a recurring schedule, this is the start time of the first instance. Formatted as described in RFC3339 http://xml2rfc.ietf.org/public/rfc/html/rfc3339.html#anchor14

recurrence:

string (rrule)

Recurrence specification as described in RFC5545 (http://tools.ietf.org/html/rfc5545)

}

ui_session_id:

string (md5)

For internal use only

}

{

current_session:

{

Information about the current scan that is running. This will include information about the progress and severity counts (e.g. "low": 0)

status:

string

Scan status (Scheduled, Processing, Aborted, Completed, Failed)

Enum:

Array [10]

0: "scheduled"

1: "queued"

2: "starting"

3: "processing"

4: "aborting"

5: "aborted"

6: "pausing"

7: "paused"

8: "completed"

9: "failed"

event_level:

integer

severity_counts:

{

high:

integer

High-severity Vulnerability count

medium:

integer

Medium-severity Vulnerability count

low:

integer

Low-severity Vulnerability count

info:

integer

Informational Alert count

}

progress:

integer

Percentage of Scan progress complete

maximum:100

start_date:

string (date)

Scan start date

threat:

integer

scan_session_id:

string (uuid)

}

previous_session:

{

}

{

target:

{

address:

string (host|url)

Target URL or hostname

description:

string

Target description

type:

string

The type of the target (default, network or demo)

Enum:

Array [3]

0: "default"

1: "demo"

2: "network"

criticality:

integer

Target criticality (Critical [30], High [20], Normal [10], Low [0])

Enum:

Array [4]

0: "30"

1: "20"

2: "10"

3: "0"

}

criticality:

integer

profile_name:

string

Scanning Profile name

scan_id:

string (uuid)

Scan unique identifier

start_date:

string (date-time)

Scan start date

}

Name	Schema
`Location`	string (url) Scan URI containing the base API URL along with the new Scan ID

default

Error

{

Error processing request

code:

integer

reason:

string

Localized error message

details:

[

string

]

}

curl --request POST \
                         --url http://acunetix-installation/api/v1/scans/{scan_id}/abort \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Aborts a Scan

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`scan_id *`	See more.	string	path

Responses

Code	Description	Body
204	Scan aborted	No schema
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request POST \
                         --url http://acunetix-installation/api/v1/scans/{scan_id}/resume \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Resumes a Scan

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`scan_id *`	See more.	string	path

Responses

Code	Description	Body
204	Scan resumed	No schema
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request GET \
                         --url http://acunetix-installation/api/v1/scans/{scan_id} \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Returns a list of a Scan's properties

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`scan_id *`	See more.	string	path

Responses

Code	Description	Body
200	Scan properties	{ all of: { user_authorized_to_scan: string Enum: Array [1] 0: "yes" target_id: string (uuid) Scan target's ID profile_id: string (uuid) Scanning profile (e.g. "Crawl Only", "Full Scan") ID. Note: Custom scanning profiles may have randomized IDs List of built-in scanning profiles: Full Scan: 11111111-1111-1111-1111-111111111111 High Risk Vulnerabilities: 11111111-1111-1111-1111-111111111112 Cross-site Scripting Vulnerabilities: 11111111-1111-1111-1111-111111111116 SQL Injection Vulnerabilities: 11111111-1111-1111-1111-111111111113 Weak Passwords: 11111111-1111-1111-1111-111111111115 Crawl Only: 11111111-1111-1111-1111-111111111117 report_template_id: string (uuid) Report Template (e.g. "Developer Report", "OWASP Top 10 2017") ID List of built-in report templates and their IDs: Developer: 11111111-1111-1111-1111-111111111111 Quick: 11111111-1111-1111-1111-111111111112 Executive Summary: 11111111-1111-1111-1111-111111111113 HIPAA: 11111111-1111-1111-1111-111111111114 Affected Items: 11111111-1111-1111-1111-111111111115 Scan Comparison: 11111111-1111-1111-1111-111111111124 CWE 2011: 11111111-1111-1111-1111-111111111116 ISO 27001: 11111111-1111-1111-1111-111111111117 NIST SP800 53: 11111111-1111-1111-1111-111111111118 OWASP Top 10 2013: 11111111-1111-1111-1111-111111111119 OWASP Top 10 2017: 11111111-1111-1111-1111-111111111125 PCI DSS 3.2: 11111111-1111-1111-1111-111111111120 Sarbanes Oxley: 11111111-1111-1111-1111-111111111121 STIG DISA: 11111111-1111-1111-1111-111111111122 WASC Threat Classification: 11111111-1111-1111-1111-111111111123 next_run: string (date) Next scheduled Scan date schedule: { Defines the schedule for the when an event (e.g. a Scan) is to occur and at what frequency. Example Schedule event to occur on a weekly basis (`FREQ=WEEKLY`), on every third week (`INTERVAL=3`) on a Thursday (`BYDAY=TH`) `"schedule":{ "disable":false, "recurrence":"DTSTART:20180112T003000Z\nFREQ=WEEKLY;INTERVAL=3;BYDAY=TH", "time_sensitive":true }` disable: boolean Schedule is disabled time_sensitive: boolean Scan Schedule is time-sensitive history_limit: integer (int32) Number of Scans to retain for a Schedule maximum:10 start_date: string (date-time\|null) The (inclusive) start time of the schedule For a recurring schedule, this is the start time of the first instance. Formatted as described in RFC3339 http://xml2rfc.ietf.org/public/rfc/html/rfc3339.html#anchor14 recurrence: string (rrule) Recurrence specification as described in RFC5545 (http://tools.ietf.org/html/rfc5545) } ui_session_id: string (md5) For internal use only } { current_session: { Information about the current scan that is running. This will include information about the progress and severity counts (e.g. `"low": 0`) status: string Scan status (Scheduled, Processing, Aborted, Completed, Failed) Enum: Array [10] 0: "scheduled" 1: "queued" 2: "starting" 3: "processing" 4: "aborting" 5: "aborted" 6: "pausing" 7: "paused" 8: "completed" 9: "failed" event_level: integer severity_counts: { high: integer High-severity Vulnerability count medium: integer Medium-severity Vulnerability count low: integer Low-severity Vulnerability count info: integer Informational Alert count } progress: integer Percentage of Scan progress complete maximum:100 start_date: string (date) Scan start date threat: integer scan_session_id: string (uuid) } previous_session: { } } { target: { address: string (host\|url) Target URL or hostname description: string Target description type: string The type of the target (default, network or demo) Enum: Array [3] 0: "default" 1: "demo" 2: "network" criticality: integer Target criticality (Critical [30], High [20], Normal [10], Low [0]) Enum: Array [4] 0: "30" 1: "20" 2: "10" 3: "0" } criticality: integer profile_name: string Scanning Profile name scan_id: string (uuid) Scan unique identifier start_date: string (date-time) Scan start date } }
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request PATCH \
                         --url http://acunetix-installation/api/v1/scans/{scan_id} \
     --data {body} \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Modifies a Scan

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`user_authorized_to_scan`	No description.	string	body
`target_id *`	Scan target's ID	string (`uuid`)	body
`profile_id *`	Scanning profile (e.g. "Crawl Only", "Full Scan") ID. Note: Custom scanning profiles may have randomized IDs List of built-in scanning profiles: Full Scan: 11111111-1111-1111-1111-111111111111 High Risk Vulnerabilities: 11111111-1111-1111-1111-111111111112 Cross-site Scripting Vulnerabilities: 11111111-1111-1111-1111-111111111116 SQL Injection Vulnerabilities: 11111111-1111-1111-1111-111111111113 Weak Passwords: 11111111-1111-1111-1111-111111111115 Crawl Only: 11111111-1111-1111-1111-111111111117	string (`uuid`)	body
`report_template_id`	Report Template (e.g. "Developer Report", "OWASP Top 10 2017") ID List of built-in report templates and their IDs: Developer: 11111111-1111-1111-1111-111111111111 Quick: 11111111-1111-1111-1111-111111111112 Executive Summary: 11111111-1111-1111-1111-111111111113 HIPAA: 11111111-1111-1111-1111-111111111114 Affected Items: 11111111-1111-1111-1111-111111111115 Scan Comparison: 11111111-1111-1111-1111-111111111124 CWE 2011: 11111111-1111-1111-1111-111111111116 ISO 27001: 11111111-1111-1111-1111-111111111117 NIST SP800 53: 11111111-1111-1111-1111-111111111118 OWASP Top 10 2013: 11111111-1111-1111-1111-111111111119 OWASP Top 10 2017: 11111111-1111-1111-1111-111111111125 PCI DSS 3.2: 11111111-1111-1111-1111-111111111120 Sarbanes Oxley: 11111111-1111-1111-1111-111111111121 STIG DISA: 11111111-1111-1111-1111-111111111122 WASC Threat Classification: 11111111-1111-1111-1111-111111111123	string (`uuid`)	body
`next_run`	Next scheduled Scan date	string (`date`)	body
`schedule *`	Defines the schedule for the when an event (e.g. a Scan) is to occur and at what frequency. Example Schedule event to occur on a weekly basis (`FREQ=WEEKLY`), on every third week (`INTERVAL=3`) on a Thursday (`BYDAY=TH`) `"schedule":{ "disable":false, "recurrence":"DTSTART:20180112T003000Z\nFREQ=WEEKLY;INTERVAL=3;BYDAY=TH", "time_sensitive":true }`	object	body
`ui_session_id`	For internal use only	string (`md5`)	body
`scan_id *`	See more.	string	path

Responses

Code	Description	Body
204	Scan modified	No schema
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request DELETE \
                         --url http://acunetix-installation/api/v1/scans/{scan_id} \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Deletes a Scan

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`scan_id *`	See more.	string	path

Responses

Code	Description	Body
204	Scan deleted	No schema
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request GET \
                         --url http://acunetix-installation/api/v1/scans/{scan_id}/results?c={c}&l={l} \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Returns Scan Results across multiple Scan runs

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`c`	See more.	string	query
`l`	See more.	integer	query
`scan_id *`	See more.	string	path

Responses

Code	Description	Body
200	Scan Results	{ results: [ { Scan result properties scan_id: string (uuid) Scan unique identifier result_id: string (uuid) Result unique identifier start_date: string (date-time) Scan start-date end_date: string (date-time) Scan end-date status: string Scan status } ] pagination: { next_cursor: string Next page cursor previous_cursor: string Previous page cursor } }
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request GET \
                         --url http://acunetix-installation/api/v1/scans/{scan_id}/results/{result_id}/vulnerabilities?c={c}&l={l}&q={q} \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Returns a list of Vulnerabilities found during a Scan

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`c`	See more.	string	query
`l`	See more.	integer	query
`q`	See more.	string	query
`scan_id *`	See more.	string	path
`result_id *`	See more.	string	path

Responses

Code	Description	Body
200	Vulnerabilities list	{ vulnerabilities: [ Vulnerabilities list { all of: { status: string Vulnerability Status (Fixed, Ignored, Open, False Positive) Enum: Array [4] 0: "fixed" 1: "ignored" 2: "open" 3: "false_positive" } { target_description: string The affected target description vuln_id: string (uuid) Vulnerability unique identifier issue_id: string vt_name: string Vulnerability Type name criticality: integer Vulnerability criticality vt_id: string (uuid) Vulnerability Type unique identifier affects_detail: string Vulnerability input affects_url: string Vulnerability URL source: string Who detected the vulnerability loc_id: integer target_id: string (uuid) Target unique identifier first_seen: string (date) Date Vulnerability was first found last_seen: string (date) Date Vulnerability was last found severity: integer Vulnerability Type severity tags: [ Vulnerability Type tags string (tag) ] continuous: boolean Continuous Scan } } ] pagination: { next_cursor: string Next page cursor previous_cursor: string Previous page cursor } }
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request GET \
                         --url http://acunetix-installation/api/v1/scans/{scan_id}/results/{result_id}/vulnerabilities/{vuln_id} \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Returns a Vulnerability's details

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`result_id *`	See more.	string	path
`scan_id *`	See more.	string	path
`vuln_id *`	See more.	string	path

Responses

Code	Description	Body
200	Vulnerability details
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request GET \
                         --url http://acunetix-installation/api/v1/scans/{scan_id}/results/{result_id}/vulnerabilities/{vuln_id}/http_response \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Returns a list of Vulnerability details

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`result_id *`	See more.	string	path
`scan_id *`	See more.	string	path
`vuln_id *`	See more.	string	path

Responses

Code	Description	Body
200	File containing the HTTP response
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request PUT \
                         --url http://acunetix-installation/api/v1/scans/{scan_id}/results/{result_id}/vulnerabilities/{vuln_id}/recheck \
     --data {body} \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Re-checks a Vulnerability

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`ui_session_id`	For internal use only	string (`md5`)	body
`result_id *`	See more.	string	path
`scan_id *`	See more.	string	path
`vuln_id *`	See more.	string	path

Responses

Code Description Body Headers

201

Re-check Scan scheduled

No schema

Name	Schema
`Location`	string (url) Scan URI

default

Error

{

Error processing request

code:

integer

reason:

string

Localized error message

details:

[

string

]

}

curl --request GET \
                         --url http://acunetix-installation/api/v1/scans/{scan_id}/results/{result_id}/vulnerability_types?c={c}&l={l}&q={q} \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Returns Vulnerability Types found during a Scan

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`c`	See more.	string	query
`l`	See more.	integer	query
`q`	See more.	string	query
`result_id *`	See more.	string	path
`scan_id *`	See more.	string	path

Responses

Code	Description	Body
200	Vulnerability Types list	{ vulnerability_types: [ Count of Vulnerability Types found { all of: { vt_id: string (uuid) Vulnerability Type unique identifier name: string Vulnerability Type name severity: integer Vulnerability Type severity tags: [ Vulnerability Type tags string (tag) ] cvss2: string (cvss) Vulnerability Type CVSS v2.0 vector string cvss3: string (cvss) Vulnerability Type CVSS v3.0 vector string } { count: integer } } ] pagination: { next_cursor: string Next page cursor previous_cursor: string Previous page cursor } }
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request GET \
                         --url http://acunetix-installation/api/v1/scans/{scan_id}/results/{result_id}/crawldata?c={c}&l={l}&q={q} \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Search Crawl Data of a Scan

The response will return a Location header with a URI in the format of /scans/{scan_id}/results/{result_id}/crawldata/{loc_id}/children. If no search query (q) parameter is passed, the response will return the URI of the Crawl Root

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`c`	See more.	string	query
`l`	See more.	integer	query
`q`	See more.	string	query
`result_id *`	See more.	string	path
`scan_id *`	See more.	string	path

Responses

Code Description Body Headers

200

Locations list

{

List of queried crawl locations

locations:

[

{

loc_id:

integer

Crawl location unique identifier

name:

string

Crawl location name

path:

string

Crawl location path

loc_type:

string

Crawl location type (File, Folder)

Enum:

Array [2]

0: "file"

1: "folder"

source_id:

integer

Crawl location source unique identifier

parent_id:

integer

tags:

string (tag)

excluded:

boolean

}

]

pagination:

{

next_cursor:

string

Next page cursor

previous_cursor:

string

Previous page cursor

}

302

Crawl Root URI

No schema

Name	Schema
`Location`	string (url) Crawl location URI

default

Error

{

Error processing request

code:

integer

reason:

string

Localized error message

details:

[

string

]

}

curl --request GET \
                         --url http://acunetix-installation/api/v1/scans/{scan_id}/results/{result_id}/crawldata/{loc_id} \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Returns a list of Crawl Data Location properties

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`result_id *`	See more.	string	path
`scan_id *`	See more.	string	path
`loc_id *`	See more.	integer	path

Responses

Code	Description	Body
200	Location properties	{ loc_id: integer Crawl location unique identifier parent_id: integer source_id: integer url: string (url) Crawl location URL severity_counts: { high: integer High-severity Vulnerability count medium: integer Medium-severity Vulnerability count low: integer Low-severity Vulnerability count info: integer Informational Alert count } threat: integer }
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request GET \
                         --url http://acunetix-installation/api/v1/scans/{scan_id}/results/{result_id}/crawldata/{loc_id}/children?c={c}&l={l} \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Returns a list of Children of the Location identified by loc_id

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`c`	See more.	string	query
`l`	See more.	integer	query
`result_id *`	See more.	string	path
`scan_id *`	See more.	string	path
`loc_id *`	See more.	integer	path

Responses

Code	Description	Body
200	Locations	{ List of queried crawl locations locations: [ { loc_id: integer Crawl location unique identifier name: string Crawl location name path: string Crawl location path loc_type: string Crawl location type (File, Folder) Enum: Array [2] 0: "file" 1: "folder" source_id: integer Crawl location source unique identifier parent_id: integer tags: string (tag) excluded: boolean } ] pagination: { next_cursor: string Next page cursor previous_cursor: string Previous page cursor } }
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request GET \
                         --url http://acunetix-installation/api/v1/scans/{scan_id}/results/{result_id}/crawldata/{loc_id}/vulnerabilities?c={c}&l={l} \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Returns a list of Vulnerabilities for the specified Location

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`c`	See more.	string	query
`l`	See more.	integer	query
`result_id *`	See more.	string	path
`scan_id *`	See more.	string	path
`loc_id *`	See more.	integer	path

Responses

Code	Description	Body
200	Vulnerabilities list	{ vulnerabilities: [ Vulnerabilities list { all of: { status: string Vulnerability Status (Fixed, Ignored, Open, False Positive) Enum: Array [4] 0: "fixed" 1: "ignored" 2: "open" 3: "false_positive" } { target_description: string The affected target description vuln_id: string (uuid) Vulnerability unique identifier issue_id: string vt_name: string Vulnerability Type name criticality: integer Vulnerability criticality vt_id: string (uuid) Vulnerability Type unique identifier affects_detail: string Vulnerability input affects_url: string Vulnerability URL source: string Who detected the vulnerability loc_id: integer target_id: string (uuid) Target unique identifier first_seen: string (date) Date Vulnerability was first found last_seen: string (date) Date Vulnerability was last found severity: integer Vulnerability Type severity tags: [ Vulnerability Type tags string (tag) ] continuous: boolean Continuous Scan } } ] pagination: { next_cursor: string Next page cursor previous_cursor: string Previous page cursor } }
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request GET \
                         --url http://acunetix-installation/api/v1/scans/{scan_id}/results/{result_id}/statistics \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Returns a list of Scan Statistics

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`result_id *`	See more.	string	path
`scan_id *`	See more.	string	path

Responses

Code	Description	Body
200	Scan statistics	{ target_id: string (uuid) Target unique identifier host: string Target URL or hostname duration: integer Scan duration in seconds avg_response_time: integer Scan average response time in milliseconds max_response_time: integer Scan maximum response time in milliseconds request_count: integer Scan total request count locations_found: integer Number of locations found during a Scan web_server: string Enumerated web server responsive: boolean Server responsive during a Scan technologies: [ Technologies enumerated string ] hosts_discovered: [ Additional hosts discovered during the Scan string (hostname) ] sensor_detected: boolean secondary_targets: [ Secondary Targets related to the scanned Target [Circular] ] }
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request GET \
                         --url http://acunetix-installation/api/v1/vulnerabilities?c={c}&l={l}&q={q} \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Returns a list of all Vulnerabilities found

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`c`	See more.	string	query
`l`	See more.	integer	query
`q`	See more.	string	query

Responses

Code	Description	Body
200	Vulnerabilities list	{ vulnerabilities: [ Vulnerabilities list { all of: { status: string Vulnerability Status (Fixed, Ignored, Open, False Positive) Enum: Array [4] 0: "fixed" 1: "ignored" 2: "open" 3: "false_positive" } { target_description: string The affected target description vuln_id: string (uuid) Vulnerability unique identifier issue_id: string vt_name: string Vulnerability Type name criticality: integer Vulnerability criticality vt_id: string (uuid) Vulnerability Type unique identifier affects_detail: string Vulnerability input affects_url: string Vulnerability URL source: string Who detected the vulnerability loc_id: integer target_id: string (uuid) Target unique identifier first_seen: string (date) Date Vulnerability was first found last_seen: string (date) Date Vulnerability was last found severity: integer Vulnerability Type severity tags: [ Vulnerability Type tags string (tag) ] continuous: boolean Continuous Scan } } ] pagination: { next_cursor: string Next page cursor previous_cursor: string Previous page cursor } }
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request GET \
                         --url http://acunetix-installation/api/v1/vulnerabilities/{vuln_id} \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Returns a list of Vulnerability details

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`vuln_id *`	See more.	string	path

Responses

Code	Description	Body
200	Vulnerability details list
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request GET \
                         --url http://acunetix-installation/api/v1/vulnerabilities/{vuln_id}/http_response \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Returns a list of Vulnerability details

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`vuln_id *`	See more.	string	path

Responses

Code	Description	Body
200	File containing the HTTP response
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request PUT \
                         --url http://acunetix-installation/api/v1/vulnerabilities/{vuln_id}/recheck \
     --data {body} \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Re-checks for Target Vulnerability

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`ui_session_id`	For internal use only	string (`md5`)	body
`vuln_id *`	See more.	string	path

Responses

Code Description Body Headers

201

Scan scheduled

No schema

Name	Schema
`Location`	string (url) Scheduled Scan URI

default

Error

{

Error processing request

code:

integer

reason:

string

Localized error message

details:

[

string

]

}

curl --request PUT \
                         --url http://acunetix-installation/api/v1/vulnerabilities/{vuln_id}/status \
     --data {body} \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Updates the status of a Vulnerability

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`status *`	Vulnerability Status (Fixed, Ignored, Open, False Positive)	string	body
`vuln_id *`	See more.	string	path

Responses

Code	Description	Body
204	Vulnerability status updated	No schema
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request GET \
                         --url http://acunetix-installation/api/v1/vulnerability_types?c={c}&l={l}&v={v}&q={q} \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Returns a list of Vulnerability Types with a count for each Vulnerability Type encountered

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`c`	See more.	string	query
`l`	See more.	integer	query
`v`	See more.	string	query
`q`	See more.	string	query

Responses

Code	Description	Body
200	Vulnerability Type details list	{ List of Vulnerability Types found with counts vulnerability_types: [ { all of: { vt_id: string (uuid) Vulnerability Type unique identifier name: string Vulnerability Type name severity: integer Vulnerability Type severity tags: [ Vulnerability Type tags string (tag) ] cvss2: string (cvss) Vulnerability Type CVSS v2.0 vector string cvss3: string (cvss) Vulnerability Type CVSS v3.0 vector string } { count: integer criticality: integer Vulnerability Type criticality score } } ] pagination: { next_cursor: string Next page cursor previous_cursor: string Previous page cursor } }
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request GET \
                         --url http://acunetix-installation/api/v1/vulnerability_types/{vt_id} \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Returns a list of Vulnerability Types with a count for each Vulnerability Type encountered

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`vt_id *`	See more.	string	path

Responses

Code	Description	Body
200	Vulnerability Type properties	{ vt_id: string (uuid) Vulnerability Type unique identifier name: string Vulnerability Type name severity: integer Vulnerability Type severity tags: [ Vulnerability Type tags string (tag) ] cvss2: string (cvss) Vulnerability Type CVSS v2.0 vector string cvss3: string (cvss) Vulnerability Type CVSS v3.0 vector string }
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request GET \
                         --url http://acunetix-installation/api/v1/report_templates \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Returns a list of Report Templates

Consumes	Produces
`application/json`	`application/json`

Responses

Code	Description	Body
200	Report Templates list	{ templates: [ { name: string Report Template name group: string template_id: string (uuid) Report Template unique identifier accepted_sources: [ string Enum: Array [9] 0: "all_vulnerabilities" 1: "targets" 2: "groups" 3: "scans" 4: "scan_result" 5: "vulnerabilities" 6: "scan_vulnerabilities" 7: "scan_pair" 8: "scan_result_pair" ] } ] }
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request GET \
                         --url http://acunetix-installation/api/v1/reports?c={c}&l={l}&q={q} \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Returns a list of Reports. The returned list will be paginated if the number of elements exceeds 100

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`c`	See more.	string	query
`l`	See more.	integer	query
`q`	See more.	string	query

Responses

Code	Description	Body
200	Reports list	{ List of Reports reports: [ { report_id: string (uuid) Report unique identifier source: { description: string list_type: string Enum: Array [9] 0: "all_vulnerabilities" 1: "targets" 2: "groups" 3: "scans" 4: "scan_result" 5: "vulnerabilities" 6: "scan_vulnerabilities" 7: "scan_pair" 8: "scan_result_pair" id_list: [ (0..500) string ] } template_id: string (uuid) Report template unique identifier template_name: string Report template name template_type: integer Report template type generation_date: string (date-time) Report generation date status: string Report status download: [ Report download URI string ] } ] pagination: { next_cursor: string Next page cursor previous_cursor: string Previous page cursor } }
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request POST \
                         --url http://acunetix-installation/api/v1/reports \
     --data {body} \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Generates a Report

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`template_id *`	No description.	string (`uuid`)	body
`source *`	No description.	object	body

Responses

Code Description Body Headers

201

Report generated

{

report_id:

string (uuid)

Report unique identifier

source:

{

description:

string

list_type:

string

Enum:

Array [9]

0: "all_vulnerabilities"

1: "targets"

2: "groups"

3: "scans"

4: "scan_result"

5: "vulnerabilities"

6: "scan_vulnerabilities"

7: "scan_pair"

8: "scan_result_pair"

id_list:

[ (0..500)

string

]

}

template_id:

string (uuid)

Report template unique identifier

template_name:

string

Report template name

template_type:

integer

Report template type

generation_date:

string (date-time)

Report generation date

status:

string

Report status

download:

[

Report download URI

string

]

}

Name	Schema
`Location`	string (url) Report URL

default

Error

{

Error processing request

code:

integer

reason:

string

Localized error message

details:

[

string

]

}

curl --request GET \
                         --url http://acunetix-installation/api/v1/reports/{report_id} \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Returns a list of a Report's properties

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`report_id *`	See more.	string	path

Responses

Code	Description	Body
200	Report properties	{ report_id: string (uuid) Report unique identifier source: { description: string list_type: string Enum: Array [9] 0: "all_vulnerabilities" 1: "targets" 2: "groups" 3: "scans" 4: "scan_result" 5: "vulnerabilities" 6: "scan_vulnerabilities" 7: "scan_pair" 8: "scan_result_pair" id_list: [ (0..500) string ] } template_id: string (uuid) Report template unique identifier template_name: string Report template name template_type: integer Report template type generation_date: string (date-time) Report generation date status: string Report status download: [ Report download URI string ] }
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request DELETE \
                         --url http://acunetix-installation/api/v1/reports/{report_id} \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Deletes a Report

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`report_id *`	See more.	string	path

Responses

Code	Description	Body
204	Report deleted	No schema
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request POST \
                         --url http://acunetix-installation/api/v1/reports/{report_id}/repeat \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Re-generates a Report

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`report_id *`	See more.	string	path

Responses

Code Description Body Headers

201

Report re-generated

{

report_id:

string (uuid)

Report unique identifier

source:

{

description:

string

list_type:

string

Enum:

Array [9]

0: "all_vulnerabilities"

1: "targets"

2: "groups"

3: "scans"

4: "scan_result"

5: "vulnerabilities"

6: "scan_vulnerabilities"

7: "scan_pair"

8: "scan_result_pair"

id_list:

[ (0..500)

string

]

}

template_id:

string (uuid)

Report template unique identifier

template_name:

string

Report template name

template_type:

integer

Report template type

generation_date:

string (date-time)

Report generation date

status:

string

Report status

download:

[

Report download URI

string

]

}

Name	Schema
`Location`	string (url) Re-generated Report URI

default

Error

{

Error processing request

code:

integer

reason:

string

Localized error message

details:

[

string

]

}

curl --request GET \
                         --url http://acunetix-installation/api/v1/reports/download/{descriptor} \
     --header "Content-type: application/json"

Replace{…}with values

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`descriptor *`	See more.	string	path

Responses

Code	Description	Body
200	The report file

curl --request GET \
                         --url http://acunetix-installation/api/v1/export_types \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Returns a list of Export Types

Consumes	Produces
`application/json`	`application/json`

Responses

Code	Description	Body
200	Export Types list	{ templates: [ { name: string content_type: string accepted_sources: [ string Enum: Array [9] 0: "all_vulnerabilities" 1: "targets" 2: "groups" 3: "scans" 4: "scan_result" 5: "vulnerabilities" 6: "scan_vulnerabilities" 7: "scan_pair" 8: "scan_result_pair" ] export_id: string (uuid) } ] }

curl --request POST \
                         --url http://acunetix-installation/api/v1/exports \
     --data {body} \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Exports one or more Export Sources

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`export_id *`	No description.	string (`uuid`)	body
`source *`	No description.	object	body

Responses

Code Description Body Headers

201

Export properties

{

report_id:

string (uuid)

source:

{

list_type:

string

Enum:

Array [9]

0: "all_vulnerabilities"

1: "targets"

2: "groups"

3: "scans"

4: "scan_result"

5: "vulnerabilities"

6: "scan_vulnerabilities"

7: "scan_pair"

8: "scan_result_pair"

id_list:

[ (0..500)

string

]

}

template_id:

string (uuid)

template_name:

string

template_type:

integer

generation_date:

string (date-time)

status:

string

download:

[

string

]

}

Name	Schema
`Location`	string (url) Exported Source URI

409

Export Source cannot be used with specified Export Type

{

Error processing request

code:

integer

reason:

string

Localized error message

details:

[

string

]

}

default

Error

{

Error processing request

code:

integer

reason:

string

Localized error message

details:

[

string

]

}

curl --request GET \
                         --url http://acunetix-installation/api/v1/exports/{export_id} \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Returns a ist of an Export's properties

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`export_id *`	See more.	string	path

Responses

Code	Description	Body
200	Export properties	{ report_id: string (uuid) source: { list_type: string Enum: Array [9] 0: "all_vulnerabilities" 1: "targets" 2: "groups" 3: "scans" 4: "scan_result" 5: "vulnerabilities" 6: "scan_vulnerabilities" 7: "scan_pair" 8: "scan_result_pair" id_list: [ (0..500) string ] } template_id: string (uuid) template_name: string template_type: integer generation_date: string (date-time) status: string download: [ string ] }
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request DELETE \
                         --url http://acunetix-installation/api/v1/exports/{export_id} \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Deletes an Export

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`export_id *`	See more.	string	path

Responses

Code	Description	Body
204	Deleted Export	No schema
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request GET \
                         --url http://acunetix-installation/api/v1/scanning_profiles \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Returns a list of Scan Types (Scanning Profiles)

Consumes	Produces
`application/json`	`application/json`

Responses

Code	Description	Body
200	List of Scan Types (Scanning Profiles)	{ List of available Scanning Profiles scanning_profiles: [ { name: string Scan Type (Scanning Profile) name profile_id: string (uuid) Scan Type (Scanning Profile) unique identifier sort_order: integer Sort order value minimum:1 custom: boolean Describes if the Scan Type (Scanning Profile) is user-editable (read only) checks: [ (0..350) Vulnerability test names obtained from /checks.json string ] } ] }
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request POST \
                         --url http://acunetix-installation/api/v1/scanning_profiles \
     --data {body} \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Creates a new Scan Type (Scanning Profile)

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`name`	Scan Type (Scanning Profile) name	string	body
`profile_id`	Scan Type (Scanning Profile) unique identifier	string (`uuid`)	body
`sort_order`	Sort order value	integer	body
`custom`	Describes if the Scan Type (Scanning Profile) is user-editable (read only)	boolean	body
`checks *`	Vulnerability test names obtained from /checks.json	array	body

Responses

Code Description Body Headers

201

Scan Type (Scanning Profile) added

{

name:

string

Scan Type (Scanning Profile) name

profile_id:

string (uuid)

Scan Type (Scanning Profile) unique identifier

sort_order:

integer

Sort order value

minimum:1

custom:

boolean

Describes if the Scan Type (Scanning Profile) is user-editable (read only)

checks:

[ (0..350)

Vulnerability test names obtained from /checks.json

string

]

}

Name	Schema
`Location`	string (url) Scan Type (Scanning Profile) URI

default

Error

{

Error processing request

code:

integer

reason:

string

Localized error message

details:

[

string

]

}

curl --request GET \
                         --url http://acunetix-installation/api/v1/scanning_profiles/{scanning_profile_id} \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Returns a list of a Scan Type's (Scanning Profile) properties

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`scanning_profile_id *`	See more.	string	path

Responses

Code	Description	Body
200	Scan Types (Scanning Profiles)	{ name: string Scan Type (Scanning Profile) name profile_id: string (uuid) Scan Type (Scanning Profile) unique identifier sort_order: integer Sort order value minimum:1 custom: boolean Describes if the Scan Type (Scanning Profile) is user-editable (read only) checks: [ (0..350) Vulnerability test names obtained from /checks.json string ] }
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request PATCH \
                         --url http://acunetix-installation/api/v1/scanning_profiles/{scanning_profile_id} \
     --data {body} \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Modifies Scan Type (Scanning Profile)

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`name`	Scan Type (Scanning Profile) name	string	body
`profile_id`	Scan Type (Scanning Profile) unique identifier	string (`uuid`)	body
`sort_order`	Sort order value	integer	body
`custom`	Describes if the Scan Type (Scanning Profile) is user-editable (read only)	boolean	body
`checks *`	Vulnerability test names obtained from /checks.json	array	body
`scanning_profile_id *`	See more.	string	path

Responses

Code	Description	Body
204	Scan Type (Scanning Profile) modified	No schema
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request DELETE \
                         --url http://acunetix-installation/api/v1/scanning_profiles/{scanning_profile_id} \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Deletes a Scan Type (Scanning Profile)

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`scanning_profile_id *`	See more.	string	path

Responses

Code	Description	Body
204	Scan Type (Scanning Profile) deleted	No schema
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request GET \
                         --url http://acunetix-installation/api/v1/target_groups?q={q}&c={c}&l={l} \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Returns a list of Target Groups

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`q`	See more.	string	query
`c`	See more.	string	query
`l`	See more.	integer	query

Responses

Code	Description	Body
200	List of Target Groups	{ groups: [ { group_id: string (uuid) Target Group unique identifier name: string Target Group name target_count: integer Target Group Target count description: string } ] pagination: { next_cursor: string Next page cursor previous_cursor: string Previous page cursor } }
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request POST \
                         --url http://acunetix-installation/api/v1/target_groups \
     --data {body} \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Creates a Target Group

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`group_id`	Target Group unique identifier	string (`uuid`)	body
`name *`	Target Group name	string	body
`target_count`	Target Group Target count	integer	body
`description`	No description.	string	body

Responses

Code Description Body Headers

201

Target Group created

{

group_id:

string (uuid)

Target Group unique identifier

name:

string

Target Group name

target_count:

integer

Target Group Target count

description:

string

}

Name	Schema
`Location`	string (url) Target Group URI

default

Error

{

Error processing request

code:

integer

reason:

string

Localized error message

details:

[

string

]

}

curl --request GET \
                         --url http://acunetix-installation/api/v1/target_groups/{group_id} \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Returns a list of Target Group properties

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`group_id *`	See more.	string	path

Responses

Code	Description	Body
200	Target Group	{ group_id: string (uuid) Target Group unique identifier name: string Target Group name target_count: integer Target Group Target count description: string }
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request PATCH \
                         --url http://acunetix-installation/api/v1/target_groups/{group_id} \
     --data {body} \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Modifies Target Group

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`group_id`	Target Group unique identifier	string (`uuid`)	body
`name *`	Target Group name	string	body
`target_count`	Target Group Target count	integer	body
`description`	No description.	string	body
`group_id *`	See more.	string	path

Responses

Code	Description	Body
204	Target Group modified	No schema
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request DELETE \
                         --url http://acunetix-installation/api/v1/target_groups/{group_id} \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Deletes a Target Group

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`group_id *`	See more.	string	path

Responses

Code	Description	Body
204	Target Group deleted	No schema
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request GET \
                         --url http://acunetix-installation/api/v1/target_groups/{group_id}/targets \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Returns a list of Targets in a Target Group

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`group_id *`	See more.	string	path

Responses

Code	Description	Body
200	Targets in Target Group	{ target_id_list: [ Target unique identifiers string (uuid) ] }
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request POST \
                         --url http://acunetix-installation/api/v1/target_groups/{group_id}/targets \
     --data {body} \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Assigns one or more Targets to a Target Group

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`target_id_list`	Target unique identifiers	array	body
`group_id *`	See more.	string	path

Responses

Code	Description	Body
204	Targets assigned to Target Group	No schema
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request PATCH \
                         --url http://acunetix-installation/api/v1/target_groups/{group_id}/targets \
     --data {body} \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Modifies one or more Targets in a Target Group

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`remove`	Remove Targets from Target Group	array	body
`add`	Add Targets to Target Group	array	body
`group_id *`	See more.	string	path

Responses

Code	Description	Body
204	Targets in Target Group modified	No schema
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request GET \
                         --url http://acunetix-installation/api/v1/excluded_hours_profiles \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Returns a list of Excluded Hours Profiles

Consumes	Produces
`application/json`	`application/json`

Responses

Code	Description	Body
200	List of Excluded Hours Profiles	{ values: [ { name: string excluded_hours_id: string (uuid) time_offset: integer Time offset in minutes minimum:-1440 maximum:1440 exclusion_matrix: [ (168..168) Exclusion matrix 7d * 24h, true = exclude, false = ignore boolean ] } ] }
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request POST \
                         --url http://acunetix-installation/api/v1/excluded_hours_profiles \
     --data {body} \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Creates a new Excluded Hours Profile

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`name *`	No description.	string	body
`excluded_hours_id`	No description.	string (`uuid`)	body
`time_offset`	Time offset in minutes	integer	body
`exclusion_matrix *`	Exclusion matrix 7d * 24h, true = exclude, false = ignore	array	body

Responses

Code	Description	Body
201	Excluded Hours Profile created	No schema
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request GET \
                         --url http://acunetix-installation/api/v1/excluded_hours_profiles/{excluded_hours_id} \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Returns a list of Excluded Hours Profile properties

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`excluded_hours_id *`	See more.	string	path

Responses

Code	Description	Body
200	Excluded Hours Profile properties	{ name: string excluded_hours_id: string (uuid) time_offset: integer Time offset in minutes minimum:-1440 maximum:1440 exclusion_matrix: [ (168..168) Exclusion matrix 7d * 24h, true = exclude, false = ignore boolean ] }
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request PATCH \
                         --url http://acunetix-installation/api/v1/excluded_hours_profiles/{excluded_hours_id} \
     --data {body} \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Modifies an Excluded Hours Profile

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`name *`	No description.	string	body
`excluded_hours_id`	No description.	string (`uuid`)	body
`time_offset`	Time offset in minutes	integer	body
`exclusion_matrix *`	Exclusion matrix 7d * 24h, true = exclude, false = ignore	array	body
`excluded_hours_id *`	See more.	string	path

Responses

Code	Description	Body
203	Excluded Hours Profile modified	No schema
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request DELETE \
                         --url http://acunetix-installation/api/v1/excluded_hours_profiles/{excluded_hours_id} \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Deletes an Excluded Hours Profile

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`excluded_hours_id *`	See more.	string	path

Responses

Code	Description	Body
204	Excluded Hours Profile deleted	No schema
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request POST \
                         --url http://acunetix-installation/api/v1/issue_trackers/check_connection \
     --data {body} \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Tests the connection to an Issue Tracker

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`bug_tracker *`	Issue Tracker	string	body
`url *`	Issue Tracker URL	string (`url`)	body
`project`	No description.	object	body
`issue_type`	No description.	object	body
`auth *`	No description.	object	body

Responses

Code	Description	Body
200	Issue Tracker connection status	{ success: boolean Issue Tracker status message: string Issue Tracker message }
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request POST \
                         --url http://acunetix-installation/api/v1/issue_trackers/check_projects \
     --data {body} \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Requests an Issue Tracker's Projects

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`bug_tracker *`	Issue Tracker	string	body
`url *`	Issue Tracker URL	string (`url`)	body
`project`	No description.	object	body
`issue_type`	No description.	object	body
`auth *`	No description.	object	body

Responses

Code	Description	Body
200	Issue Tracker Projects	{ projects: [ Issue Tracker projects string Issue Tracker project ] }
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request POST \
                         --url http://acunetix-installation/api/v1/issue_trackers/check_issue_types \
     --data {body} \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Requests Issue Types of an Issue Tracker Project

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`bug_tracker *`	Issue Tracker	string	body
`url *`	Issue Tracker URL	string (`url`)	body
`project`	No description.	object	body
`issue_type`	No description.	object	body
`auth *`	No description.	object	body

Responses

Code	Description	Body
200	Issue Tracker Project Issue Types	{ issue_types: [ string Issue Tracker issue type ] }
default	Issue Tracker error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request GET \
                         --url http://acunetix-installation/api/v1/issue_trackers \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Returns a list of Issue Trackers

Consumes	Produces
`application/json`	`application/json`

Responses

Code	Description	Body
200	Issue Trackers list	{ issue_trackers: [ { all of: { bug_tracker: string Issue Tracker Enum: Array [3] 0: "github" 1: "jira" 2: "tfs" url: string (url) Issue Tracker URL project: { project_id: string The id of the project project_name: string The name of the project } issue_type: { issue_id: string The id of the issue type issue_name: string The name of the issue type } auth: { kind: string Issue Tracker authentication method Enum: Array [3] 0: "cookie" 1: "http_basic" 2: "ntlm" user: string Issue Tracker Username password: string Issue Tracker Password } } { issue_tracker_id: string (uuid) name: string } } ] }
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request POST \
                         --url http://acunetix-installation/api/v1/issue_trackers \
     --data {body} \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Creates a new Issue Tracker

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location

Responses

Code	Description	Body
201	Issue Tracker created	No schema
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request GET \
                         --url http://acunetix-installation/api/v1/issue_trackers/{issue_tracker_id} \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Returns a list of Issue Tracker properties

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`issue_tracker_id *`	See more.	string	path

Responses

Code	Description	Body
200	Issue Tracker properties	{ all of: { bug_tracker: string Issue Tracker Enum: Array [3] 0: "github" 1: "jira" 2: "tfs" url: string (url) Issue Tracker URL project: { project_id: string The id of the project project_name: string The name of the project } issue_type: { issue_id: string The id of the issue type issue_name: string The name of the issue type } auth: { kind: string Issue Tracker authentication method Enum: Array [3] 0: "cookie" 1: "http_basic" 2: "ntlm" user: string Issue Tracker Username password: string Issue Tracker Password } } { issue_tracker_id: string (uuid) name: string } }
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request PATCH \
                         --url http://acunetix-installation/api/v1/issue_trackers/{issue_tracker_id} \
     --data {body} \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Modifies an Issue Tracker

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`issue_tracker_id *`	See more.	string	path

Responses

Code	Description	Body
204	Issue Tracker modified	No schema
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request DELETE \
                         --url http://acunetix-installation/api/v1/issue_trackers/{issue_tracker_id} \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Deletes an Issue Tracker

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`issue_tracker_id *`	See more.	string	path

Responses

Code	Description	Body
204	Issue Tracker deleted	No schema
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request GET \
                         --url http://acunetix-installation/api/v1/workers \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Returns a list of registered Workers

Consumes	Produces
`application/json`	`application/json`

Responses

Code	Description	Body
200	List of Workers	{ workers: [ { scanning_app: string Enum: Array [2] 0: "wvs" 1: "ovas" endpoint: string (url) description: string worker_id: string (uuid) status: string Enum: Array [2] 0: "offline" 1: "online" authorization: string Enum: Array [4] 0: "pending" 1: "authorized" 2: "rejected" 3: "detached" app_version: string } ] }
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request GET \
                         --url http://acunetix-installation/api/v1/workers/{worker_id} \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Returns a list of Worker properties

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`worker_id *`	See more.	string	path

Responses

Code	Description	Body
200	Worker properties	{ scanning_app: string Enum: Array [2] 0: "wvs" 1: "ovas" endpoint: string (url) description: string worker_id: string (uuid) status: string Enum: Array [2] 0: "offline" 1: "online" authorization: string Enum: Array [4] 0: "pending" 1: "authorized" 2: "rejected" 3: "detached" app_version: string }
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request DELETE \
                         --url http://acunetix-installation/api/v1/workers/{worker_id} \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Deletes a Worker

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`worker_id *`	See more.	string	path

Responses

Code	Description	Body
204	Worker deleted	No schema
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request DELETE \
                         --url http://acunetix-installation/api/v1/workers/{worker_id}/ignore_errors \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Ignores Errors for a Worker

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`worker_id *`	See more.	string	path

Responses

Code	Description	Body
204	Resource deleted	No schema
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request POST \
                         --url http://acunetix-installation/api/v1/workers/{worker_id}/authorize \
     --data {body} \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Authorizes a Worker

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`worker_id *`	See more.	string	path

Responses

Code	Description	Body
204	Worker authorization successful	No schema
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request POST \
                         --url http://acunetix-installation/api/v1/workers/{worker_id}/reject \
     --data {body} \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Rejects a Worker

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`worker_id *`	See more.	string	path

Responses

Code	Description	Body
204	Worker rejection successful	No schema
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request POST \
                         --url http://acunetix-installation/api/v1/workers/{worker_id}/check \
     --data {body} \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Checks a Worker's connection

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`worker_id *`	See more.	string	path

Responses

Code	Description	Body
200	Worker connection successful
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request POST \
                         --url http://acunetix-installation/api/v1/workers/{worker_id}/rename \
     --data {body} \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Renames a Worker

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`description`	No description.	string	body
`worker_id *`	See more.	string	path

Responses

Code	Description	Body
204	Worker renamed	No schema
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request GET \
                         --url http://acunetix-installation/api/v1/targets/{target_id}/configuration/workers \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Returns Workers assigned to a Target

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`target_id *`	See more.	string	path

Responses

Code	Description	Body
200	Workers assigned to Target	{ workers: [ { scanning_app: string Enum: Array [2] 0: "wvs" 1: "ovas" endpoint: string (url) description: string worker_id: string (uuid) status: string Enum: Array [2] 0: "offline" 1: "online" authorization: string Enum: Array [4] 0: "pending" 1: "authorized" 2: "rejected" 3: "detached" app_version: string } ] }
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

curl --request POST \
                         --url http://acunetix-installation/api/v1/targets/{target_id}/configuration/workers \
     --data {body} \
     --header {scanner-authorization} \
     --header "Content-type: application/json"

Replace{…}with values

Description

Assigns Workers to a Target. Up to one Worker-type (web or network) can be assigned to a single Target

Consumes	Produces
`application/json`	`application/json`

Parameters

Name	Description	Type	Location
`worker_id_list`	No description.	array	body
`target_id *`	See more.	string	path

Responses

Code	Description	Body
204	Worker assigned to Target	No schema
default	Error	{ Error processing request code: integer reason: string Localized error message details: [ string ] }

Parameters

Description

AcuSensor type

Name	Type	In
`sensor_type *`	string	query

Description

Cursor indicating which index is the head of the next batch of elements (generally coupled with a limit).

Name	Type	In
`c`	string	query

Description

Maximum number of items returned. Parameter defaults to 100 if not passed. Limit ranges accepted are less than 100 or greater than 1 (1 < limit < 100).

Name	Type	In
`l`	integer	query

Description

View type

Name	Type	In
`v`	string	query

Description

Query to filter results based on a number of filters.

List of Filters:

Scans

target: Specific target to filter for. Only accepts filtering of single targets.
- TARGET_ID (UUID - "11111111-1111-1111-1111-111111111111")
threat: Level of severity to filter scans by. Do note that multiple threats can be added and are comma-separated (e.g. ?threat=3,2)
- 3: High
- 2: Medium
- 1: Low
- 0: Informational
business_criticality: Level of business criticality to filter scans for. Multiple values can be added and are comma-separated (e.g. ?business_criticality=30,10)
- 30: Critical
- 20: High
- 10: Normal
- 0: Low
scan_status: Scan state to filter by. Multiple values can be added and are comma-separated (e.g. ?scan_status=completed,queued)
- aborting
- completed
- failed
- processing
- queued
- scheduled
- starting
profile_id: Scan type to filter scans by (e.g. Crawl Only). Multiple scan types can be added and are comma-separated.
- PROFILE_ID (UUID - "11111111-1111-1111-1111-111111111111")
group_id: Target group to filter scans by. Target groups are not preset and thus are custom set for each Acunetix instance. Multiple target groups can be added and are comma-separated.
- GROUP_ID (UUID - E.G "11111111-1111-1111-1111-111111111111")

Name	Type	In
`q`	string (`search`)	query

Description

Target unique identifier

Name	Type	In
`target_id *`	string (`uuid`)	query

Description

Scan result unique identifier

Name	Type	In
`result_id *`	string (`uuid`)	query

Description

Allowed Target unique identifier

Name	Type	In
`allowed_target_id *`	string (`uuid`)	query

Description

Group unique identifier

Name	Type	In
`group_id *`	string (`uuid`)	query

Description

Notification unique identifier

Name	Type	In
`notification_id *`	string	query

Description

Scan unique identifier

Name	Type	In
`scan_id *`	string (`uuid`)	query

Description

Issue tracker unique identifier

Name	Type	In
`issue_tracker_id *`	string (`uuid`)	query

Description

Report unique identifier

Name	Type	In
`report_id *`	string (`uuid`)	query

Description

Export unique identifier

Name	Type	In
`export_id *`	string (`uuid`)	query

Description

Location identifier from the crawl data. Can be 0, in which case the crawl data root is referenced

Name	Type	In
`loc_id *`	integer (`int32`)	query

Description

Vulnerability unique identifier

Name	Type	In
`vuln_id *`	string	query

Description

Vulnerability Type unique identifier

Name	Type	In
`vt_id *`	string (`uuid`)	query

Description

AcuSensor secret

Name	Type	In
`sensor_secret *`	string (`md5`)	query

Description

Scanning Profile unique identifier

Name	Type	In
`scanning_profile_id *`	string (`uuid`)	query

Description

Excluded Hours Profile unique identifier

Name	Type	In
`excluded_hours_id *`	string (`uuid`)	query

Description

Task id

Name	Type	In
`task_id *`	string (`uuid`)	query

Description

Worker unique identifier

Name	Type	In
`worker_id *`	string (`uuid`)	query

Description

No description available.

Name	Type	In
`descriptor *`	string	query

Model Definitions

Description

No description available.

Name	Type	Description
`name`	string	Report Template name
`group`	string	No description.
`template_id *`	string (`uuid`)	Report Template unique identifier
`accepted_sources`	array	No description.

Description

No description available.

Name	Type	Description
`name`	string	Scan Type (Scanning Profile) name
`profile_id`	string (`uuid`)	Scan Type (Scanning Profile) unique identifier
`sort_order`	integer	Sort order value
`custom`	boolean	Describes if the Scan Type (Scanning Profile) is user-editable (read only)
`checks *`	array	Vulnerability test names obtained from /checks.json

Description

No description available.

Name	Type	Description
`email *`	string (`email`)	Account email
`password *`	string (`sha256`)	Account password
`otp_secret *`	string (`base32_trimmed`)	OTP shared secret
`totp_pwd_1 *`	string (`otp`)	Two consecutive OTP passwords genetrated by the OTP device
`totp_pwd_2 *`	string (`otp`)	Two consecutive OTP passwords genetrated by the OTP device

Description

No description available.

Name	Type	Description
`email *`	string (`email`)	Account email
`password *`	string (`sha256`)	Account password

Description

No description available.

Name	Type	Description
`email *`	string (`email`)	No description.
`current_password *`	string (`sha256`)	Old user account password
`new_password *`	string (`sha256`)	New user account password

Description

No description available.

Name	Type	Description
`current_password`	string (`sha256`)	Old user account password
`new_password`	string (`sha256`)	New user account password
`new_email`	string (`email`)	No description.

Description

No description available.

Name	Type	Description
`next_cursor`	string	Next page cursor
`previous_cursor`	string	Previous page cursor

Description

No description available.

Name	Type	Description
`target_id`	string (`uuid`)	Target unique identifier
`scan_authorization`	object	No description.
`continuous_mode`	boolean	Continuous Mode enabled
`last_scan_date`	string (`date`)	Last date the Target was scanned on
`last_scan_id`	string (`uuid`)	Last Scan unique identifier for the Target
`last_scan_session_id`	string (`uuid`)	No description.
`last_scan_session_status`	string	No description.
`severity_counts`	object	No description.
`threat`	integer	No description.
`links`	array	Target quick-access links (last scan, report)
`manual_intervention`	boolean	Target requires manual intervention
`verification`	string	The verification status of the target (none, auto, admin or demo)

Description

No description available.

Name	Type	Description
`address *`	string (`host\|url`)	Target URL or hostname
`description`	string	Target description
`type`	string	The type of the target (default, network or demo)
`criticality`	integer	Target criticality (Critical [30], High [20], Normal [10], Low [0])

Description

No description available.

Name	Type	Description

Description

Defines the schedule for the when an event (e.g. a Scan) is to occur
and at what frequency.

Example

Schedule event to occur on a weekly basis (FREQ=WEEKLY), on every
third week (INTERVAL=3) on a Thursday (BYDAY=TH)


"schedule":{
                "disable":false,
                "recurrence":"DTSTART:20180112T003000Z\nFREQ=WEEKLY;INTERVAL=3;BYDAY=TH",
                "time_sensitive":true
}

Name	Type	Description
`disable`	boolean	Schedule is disabled
`time_sensitive`	boolean	Scan Schedule is time-sensitive
`history_limit`	integer (`int32`)	Number of Scans to retain for a Schedule
`start_date`	string (`date-time\|null`)	The (inclusive) start time of the schedule For a recurring schedule, this is the start time of the first instance. Formatted as described in RFC3339 http://xml2rfc.ietf.org/public/rfc/html/rfc3339.html#anchor14
`recurrence`	string (`rrule`)	Recurrence specification as described in RFC5545 (http://tools.ietf.org/html/rfc5545)

Description

No description available.

Name	Type	Description
`status`	string	Scan status (Scheduled, Processing, Aborted, Completed, Failed)
`event_level`	integer	No description.
`severity_counts`	object	No description.
`progress`	integer	Percentage of Scan progress complete
`start_date`	string (`date`)	Scan start date
`threat`	integer	No description.
`scan_session_id`	string (`uuid`)	No description.

Description

No description available.

Name	Type	Description
`user_authorized_to_scan`	string	No description.
`target_id *`	string (`uuid`)	Scan target's ID
`profile_id *`	string (`uuid`)	Scanning profile (e.g. "Crawl Only", "Full Scan") ID. Note: Custom scanning profiles may have randomized IDs List of built-in scanning profiles: Full Scan: 11111111-1111-1111-1111-111111111111 High Risk Vulnerabilities: 11111111-1111-1111-1111-111111111112 Cross-site Scripting Vulnerabilities: 11111111-1111-1111-1111-111111111116 SQL Injection Vulnerabilities: 11111111-1111-1111-1111-111111111113 Weak Passwords: 11111111-1111-1111-1111-111111111115 Crawl Only: 11111111-1111-1111-1111-111111111117
`report_template_id`	string (`uuid`)	Report Template (e.g. "Developer Report", "OWASP Top 10 2017") ID List of built-in report templates and their IDs: Developer: 11111111-1111-1111-1111-111111111111 Quick: 11111111-1111-1111-1111-111111111112 Executive Summary: 11111111-1111-1111-1111-111111111113 HIPAA: 11111111-1111-1111-1111-111111111114 Affected Items: 11111111-1111-1111-1111-111111111115 Scan Comparison: 11111111-1111-1111-1111-111111111124 CWE 2011: 11111111-1111-1111-1111-111111111116 ISO 27001: 11111111-1111-1111-1111-111111111117 NIST SP800 53: 11111111-1111-1111-1111-111111111118 OWASP Top 10 2013: 11111111-1111-1111-1111-111111111119 OWASP Top 10 2017: 11111111-1111-1111-1111-111111111125 PCI DSS 3.2: 11111111-1111-1111-1111-111111111120 Sarbanes Oxley: 11111111-1111-1111-1111-111111111121 STIG DISA: 11111111-1111-1111-1111-111111111122 WASC Threat Classification: 11111111-1111-1111-1111-111111111123
`next_run`	string (`date`)	Next scheduled Scan date
`schedule *`	object	Defines the schedule for the when an event (e.g. a Scan) is to occur and at what frequency. Example Schedule event to occur on a weekly basis (`FREQ=WEEKLY`), on every third week (`INTERVAL=3`) on a Thursday (`BYDAY=TH`) `"schedule":{ "disable":false, "recurrence":"DTSTART:20180112T003000Z\nFREQ=WEEKLY;INTERVAL=3;BYDAY=TH", "time_sensitive":true }`
`ui_session_id`	string (`md5`)	For internal use only

Description

No description available.

Name	Type	Description
`current_session`	object	Information about the current scan that is running. This will include information about the progress and severity counts (e.g. `"low": 0`)
`previous_session`	object	No description.

Description

No description available.

Name	Type	Description

Description

Paginated list of Scans

Name	Type	Description
`scans *`	array	No description.
`pagination *`	object	No description.

Description

No description available.

Name	Type	Description
`target_id`	string (`uuid`)	Target unique identifier
`host`	string	Target URL or hostname
`duration`	integer	Scan duration in seconds
`avg_response_time`	integer	Scan average response time in milliseconds
`max_response_time`	integer	Scan maximum response time in milliseconds
`request_count`	integer	Scan total request count
`locations_found`	integer	Number of locations found during a Scan
`web_server`	string	Enumerated web server
`responsive`	boolean	Server responsive during a Scan
`technologies`	array	Technologies enumerated
`hosts_discovered`	array	Additional hosts discovered during the Scan
`sensor_detected`	boolean	No description.
`secondary_targets`	array	Secondary Targets related to the scanned Target

Description

No description available.

Name	Type	Description
`description`	string	Vulnerability Type description
`cvss2`	string	Vulnerability Type CVSS v2.0 vector string
`cvss3`	string	Vulnerability Type CVSS v3.0 vector string
`cvss_score`	number	Vulnerability Type CVSS v3.0 score
`impact`	string	Vulnerability Type security impact
`recommendation`	string	Vulnerability Type remediation recommendation
`long_description`	string	Vulnerability Type long description
`references`	array	Vulnerability Type references and resources

Description

No description available.

Name	Type	Description
`vt_id`	string (`uuid`)	Vulnerability Type unique identifier
`name`	string	Vulnerability Type name
`severity`	integer	Vulnerability Type severity
`tags`	array	Vulnerability Type tags
`cvss2`	string (`cvss`)	Vulnerability Type CVSS v2.0 vector string
`cvss3`	string (`cvss`)	Vulnerability Type CVSS v3.0 vector string

Description

List of Vulnerability Types found with counts

Name	Type	Description
`vulnerability_types`	array	No description.
`pagination *`	object	No description.

Description

No description available.

Name	Type	Description

Description

No description available.

Name	Type	Description
`vulnerability_types`	array	Count of Vulnerability Types found
`pagination *`	object	No description.

Description

No description available.

Name	Type	Description

Description

No description available.

Name	Type	Description

Description

No description available.

Name	Type	Description
`status *`	string	Vulnerability Status (Fixed, Ignored, Open, False Positive)

Description

No description available.

Name	Type	Description

Description

No description available.

Name	Type	Description
`vulnerabilities *`	array	Vulnerabilities list
`pagination *`	object	No description.

Description

No description available.

Name	Type	Description
`rel *`	string	Name or type of relation
`href *`	string (`url`)	Location of related item

Description

No description available.

Name	Type	Description
`high`	integer	High-severity Vulnerability count
`medium`	integer	Medium-severity Vulnerability count
`low`	integer	Low-severity Vulnerability count
`info`	integer	Informational Alert count

Description

No description available.

Name	Type	Description
`enabled`	boolean	User account is enabled
`username`	string	User account username
`password`	string	User account SHA256 password hash

Description

No description available.

Name	Type	Description
`cookie`	string	Custom Cookies value
`url`	string (`url`)	Custom Cookies URL

Description

No description available.

Name	Type	Description
`groups`	array	No description.
`pagination *`	object	No description.

Description

No description available.

Name	Type	Description
`group_id`	string (`uuid`)	Target Group unique identifier
`name *`	string	Target Group name
`target_count`	integer	Target Group Target count
`description`	string	No description.

Description

No description available.

Name	Type	Description
`kind *`	string	Issue Tracker authentication method
`user *`	string	Issue Tracker Username
`password *`	string	Issue Tracker Password

Description

No description available.

Name	Type	Description
`project_id`	string	The id of the project
`project_name`	string	The name of the project

Description

No description available.

Name	Type	Description
`issue_id`	string	The id of the issue type
`issue_name`	string	The name of the issue type

Description

No description available.

Name	Type	Description
`bug_tracker *`	string	Issue Tracker
`url *`	string (`url`)	Issue Tracker URL
`project`	object	No description.
`issue_type`	object	No description.
`auth *`	object	No description.

Description

No description available.

Name	Type	Description
`success`	boolean	Issue Tracker status
`message`	string	Issue Tracker message

Description

No description available.

Name	Type	Description
`projects`	array	Issue Tracker projects

Description

No description available.

Name	Type	Description
`issue_types`	array	No description.

Description

No description available.

Name	Type	Description

Description

No description available.

Name	Type	Description
`issue_trackers`	array	No description.

Description

No description available.

Name	Type	Description
`issue_tracker_id`	string (`uuid\|empty`)	No description.
`limit_crawler_scope`	boolean	Limit crawling to Target URI and sub-directories only
`login *`	object	No description.
`sensor`	boolean	AcuSensor configured
`sensor_secret`	string	AcuSensor secret
`ssh_credentials`	object	No description.
`proxy`	object	System proxy settings
`authentication`	object	No description.
`client_certificate_password`	string	Client Certificate password
`scan_speed`	string	HTTP request send rate (Fast, Moderate, Slow, Sequential)
`case_sensitive`	string	Case-sensitive crawling
`technologies`	array	Technologies enumerated
`custom_headers`	array	Custom HTTP headers set
`custom_cookies`	array	Custom cookies set
`excluded_paths`	array	Paths excluded from the Scan scope
`user_agent`	string	User-agent string set
`debug`	boolean	Debug mode
`excluded_hours_id`	string (`uuid\|empty`)	No description.

Description

No description available.

Name	Type	Description
`description`	string	No description.
`list_type *`	string	No description.
`id_list`	array	No description.

Description

No description available.

Name	Type	Description
`list_type *`	string	No description.
`id_list`	array	No description.

Description

No description available.

Name	Type	Description
`name`	string	No description.
`content_type`	string	No description.
`accepted_sources`	array	No description.
`export_id *`	string (`uuid`)	No description.

Description

No description available.

Name	Type	Description
`templates`	array	No description.

Description

No description available.

Name	Type	Description
`add`	object	A list of exclusions to be added to the list
`delete`	object	A list of exclusions to be deleted from the list

Description

No description available.

Name	Type	Description
`excluded_paths`	array	Paths excluded from the Scan scope

Description

No description available.

Name	Type	Description
`export_id *`	string (`uuid`)	No description.
`source *`	object	No description.

Description

No description available.

Name	Type	Description
`links`	array	No description.

Description

No description available.

Name	Type	Description
`links`	array	No description.

Description

No description available.

Name	Type	Description
`template_id *`	string (`uuid`)	No description.
`source *`	object	No description.

Description

No description available.

Name	Type	Description
`loc_id`	integer	Crawl location unique identifier
`name`	string	Crawl location name
`path`	string	Crawl location path
`loc_type`	string	Crawl location type (File, Folder)
`source_id`	integer	Crawl location source unique identifier
`parent_id`	integer	No description.
`tags`	string (`tag`)	No description.
`excluded`	boolean	No description.

Description

No description available.

Name	Type	Description
`loc_id`	integer	Crawl location unique identifier
`parent_id`	integer	No description.
`source_id`	integer	No description.
`url`	string (`url`)	Crawl location URL
`severity_counts`	object	No description.
`threat`	integer	No description.

Description

No description available.

Name	Type	Description
`user_id`	string (`uuid`)	No description.
`password`	string (`sha256`)	No description.
`email *`	string (`email`)	No description.
`first_name *`	string	No description.
`last_name *`	string	No description.
`role *`	string	No description.
`access_all_groups`	boolean	No description.
`enabled`	boolean	No description.
`confirmed`	boolean	Read-only
`confirmation_token`	string (`sha256`)	No description.

Description

Account lockout settings for consecutive failed logins. The system counts the number of failed attempts per time window, once the maximum is reached the account will be locked out for a certain time.

Name	Type	Description
`max_consecutive_login_failures *`	integer	the number of failed logins would trigger account lockout. 0 disables functionality.
`time_window *`	integer	The time window [minutes] where the engine counts failed logins. Default one hour.
`lockout_time *`	integer	The time [minutes] the account login is locked if max login failures count reached. Default 30 minutes.

Description

Account security settings

Name	Type	Description
`password_max_age`	integer	Used for expiring passwords. Max password age in days, 0 disables password expiry
`password_history`	integer	Used for denying reuse of the old passwords. Represents the size of the history maintained, 0 disables the functionality.
`max_session_time`	integer	Max session time in minutes, 0 uses default.
`account_lockout *`	object	Account lockout settings for consecutive failed logins. The system counts the number of failed attempts per time window, once the maximum is reached the account will be locked out for a certain time.
`totp_required`	boolean	Time based OTP required for logging in
`totp_enabled`	boolean	Time based OTP was set up for the account.

Description

No description available.

Name	Type	Description
`user_id`	string (`uuid`)	No description.
`license_type`	string	No description.
`child_account`	boolean	No description.
`email`	string (`email`)	No description.
`company`	string	No description.
`website`	string (`host\|url`)	No description.
`phone`	string	No description.
`country`	string	No description.
`notifications`	object	No description.
`first_name`	string	No description.
`last_name`	string	No description.
`role`	string	No description.
`access_all_groups`	boolean	No description.
`enabled`	boolean	No description.

Description

No description available.

Name	Type	Description
`monthly_status`	boolean	No description.
`scans`	boolean	No description.
`updates`	boolean	No description.

Description

No description available.

Name	Type	Description
`name`	string (`filename`)	File name
`size`	integer (`int32`)	File size in bytes

Description

No description available.

Name	Type	Description
`license_key`	string	The license key
`email`	string	The email account used for activation
`product_code`	string	The product code
`expires`	string	The expire date of the license
`expired`	boolean	No description.
`grace_period_end`	string	No description.
`maintenance_expires`	string	The expire date of the maintenance
`maintenance_expired`	boolean	No description.
`activated`	boolean	No description.
`error`	string	No description.
`features`	array	No description.
`limits`	object	No description.

Description

No description available.

Name	Type	Description
`new_update`	boolean	No description.
`build_number`	string	No description.
`minor_version`	string	No description.
`major_version`	string	No description.
`update_status`	string	No description.

Description

No description available.

Name	Type	Description
`confirmation_status`	string	Only applies for the online version
`license`	object	No description.
`licensing_extra`	object	No description.
`build_number`	string	No description.
`minor_version`	string	No description.
`major_version`	string	No description.
`update_info`	object	No description.

Description

No description available.

Name	Type	Description
`upload_id`	string (`uuid`)	Uploaded file unique identifier
`name`	string (`filename`)	Uploaded file name
`size`	integer (`int32`)	Uploaded file size
`status`	boolean	Uploaded file status
`current_size`	integer	Uploaded file current size

Description

Error processing request

Name	Type	Description
`code *`	integer	No description.
`reason *`	string	Localized error message
`details`	array	No description.

Description

Temporary file upload URL

Name	Type	Description
`upload_url`	string (`url`)	No description.

Description

Uploaded file properties

Name	Type	Description
`files`	array	No description.

Description

No description available.

Name	Type	Description
`target_id`	string (`uuid`)	No description.

Description

No description available.

Name	Type	Description
`email *`	string (`email`)	No description.

Description

No description available.

Name	Type	Description
`remove`	array	Remove Targets from Target Group
`add`	array	Add Targets to Target Group

Description

No description available.

Name	Type	Description
`target_id_list`	array	Target unique identifiers

Description

No description available.

Name	Type	Description
`access_all_groups`	boolean	User has access to all Groups
`group_id_list`	array	Groups accessible by a User

Description

Targets list

Name	Type	Description
`targets *`	array	No description.
`pagination *`	object	No description.

Description

No description available.

Name	Type	Description
`report_id`	string (`uuid`)	Report unique identifier
`source *`	object	No description.
`template_id`	string (`uuid`)	Report template unique identifier
`template_name`	string	Report template name
`template_type`	integer	Report template type
`generation_date`	string (`date-time`)	Report generation date
`status`	string	Report status
`download`	array	Report download URI

Description

No description available.

Name	Type	Description
`report_id`	string (`uuid`)	No description.
`source *`	object	No description.
`template_id`	string (`uuid`)	No description.
`template_name`	string	No description.
`template_type`	integer	No description.
`generation_date`	string (`date-time`)	No description.
`status`	string	No description.
`download`	array	No description.

Description

No description available.

Name	Type	Description
`templates`	array	No description.

Description

List of Reports

Name	Type	Description
`reports *`	array	No description.
`pagination *`	object	No description.

Description

List of available Scanning Profiles

Name	Type	Description
`scanning_profiles`	array	No description.

Description

List of queried crawl locations

Name	Type	Description
`locations *`	array	No description.
`pagination *`	object	No description.

Description

Paginated list of users

Name	Type	Description
`users *`	array	No description.
`pagination *`	object	No description.

Description

No description available.

Name	Type	Description
`kind`	string	SSH authentication method
`username`	string	SSH host username
`port`	integer (`int32`)	SSH host port
`password`	string	SSH host password
`ssh_key`	string	SSH key
`key_password`	string	SSH key passphrase

Description

No description available.

Name	Type	Description
`results`	array	No description.
`pagination *`	object	No description.

Description

Scan result properties

Name	Type	Description
`scan_id`	string (`uuid`)	Scan unique identifier
`result_id`	string (`uuid`)	Result unique identifier
`start_date`	string (`date-time`)	Scan start-date
`end_date`	string (`date-time`)	Scan end-date
`status`	string	Scan status

Description

Depending on the intent type, one may have to provide one or more properties

Name	Type	Description
`new_password`	string (`sha256`)	No description.

Description

No description available.

Name	Type	Description
`action`	string	No description.
`status`	string	No description.

Description

No description available.

Name	Type	Description
`notification_id`	string	Notification unique identifier
`resource_type`	integer	Notification resource type
`resource_id`	string (`uuid`)	Notification resource unique identifier
`type_id`	integer	Notification type unique identifier
`consumed`	boolean	Notification read
`data`	string	Notification data
`user_id`	string (`uuid`)	Notification user unique identifier
`email`	string	Notification user email address
`created`	string	Notification date created
`severity`	integer	Notification severity (0=info, 1=warn, 2=error, 3=critical)

Description

No description available.

Name	Type	Description
`target_id`	string (`uuid`)	Target unique identifier
`address *`	string (`host\|url`)	Target URL or hostname
`description`	string	Target description

Description

List of Allowed Hosts

Name	Type	Description
`hosts`	array	No description.

Description

Paginated list of Notifications

Name	Type	Description
`notifications`	array	No description.
`pagination *`	object	No description.

Description

Notification count

Name	Type	Description
`count`	integer	No description.

Description

System proxy settings

Name	Type	Description
`protocol`	string	Proxy protocol
`address`	string (`host`)	Proxy address
`port`	integer	Proxy port
`username`	string	Proxy username
`password`	string	Proxy password
`enabled`	boolean	Proxy enabled

Description

System SMTP settings

Name	Type	Description
`address *`	string (`host`)	SMTP server address
`port`	integer	SMTP server hostname
`security`	string	SMTP connection security
`username`	string	SMTP username
`password`	string	SMTP password
`from_address *`	string (`email`)	SMTP email 'From' address

Description

No description available.

Name	Type	Description
`enabled *`	boolean	No description.

Description

AcuSensor secret reset (random secret generated if none set)

Name	Type	Description
`secret`	string (`md5`)	No description.

Description

System configuration

Name	Type	Description
`notifications *`	object	System SMTP settings
`proxy`	object	System proxy settings
`excluded_hours_id`	string (`uuid\|null`)	No description.
`updates`	string	No description.

Description

Vulnerability count

Name	Type	Description
`high`	integer	No description.
`med`	integer	No description.
`low`	integer	No description.

Description

Vulnerability count by Target Business Criticality

Name	Type	Description
`critical`	object	Vulnerability count
`high`	object	Vulnerability count
`normal`	object	Vulnerability count
`low`	object	Vulnerability count

Description

Vulnerabilities by type

Name	Type	Description
`name`	string	Vulnerability name
`count`	integer	Vulnerability count
`vt_id`	string	Vulnerability Type unique identifier
`severity`	integer	Vulnerability severity

Description

Vulnerability count by Target

Name	Type	Description
`criticality`	integer	Target Business Criticality
`address`	string	Target URL or hostname
`target_id`	string	Target unique identifier
`high_vuln_count`	integer	Target high-severity vulnerability count
`med_vuln_count`	integer	Target medium-severity vulnerability count

Description

Vulnerability trend statistic

Name	Type	Description
`start_date`	string	Trend start-date
`end_date`	string	Trend end-date
`high_vulns`	integer	Trend high-severity vulnerability count
`med_vulns`	integer	Trend medium-severity vulnerability count
`weighted_vulns`	integer	No description.

Description

Open Vulnerability trend statistic

Name	Type	Description
`start_date`	string	Trend start-date
`end_date`	string	Trend end-date
`high_vulns`	integer	Trend high-severity vulnerability count
`med_vulns`	integer	Trend medium-severity vulnerability count

Description

Average Vulnerability remediation time

Name	Type	Description
`start_date`	string	Average start-date
`end_date`	string	Average end-date
`high_vuln_days`	number	Average high-severity Vulnerability count
`med_vuln_days`	number	Average medium-severity Vulnerability count
`average_days`	number	Average days to remediate Vulnerabilities
`vuln_fixed_high`	integer	Average days to remediate high-severity Vulnerabilities
`vuln_fixed_med`	integer	Average days to remediate medium-severity Vulnerabilities

Description

Average Vulnerability age

Name	Type	Description
`start_date`	string	Average Vulnerability age start-date
`end_date`	string	Average Vulnerability age start-date
`high_vuln_days`	number	Average high-severity Vulnerability age count
`med_vuln_days`	number	Average medium-severity Vulnerability age count
`average_days`	number	No description.

Description

No description available.

Name	Type	Description
`new_vulns_trending`	array	No description.
`open_vulns_trending`	array	No description.
`average_vuln_age_trending`	array	No description.
`average_remediation_time`	array	No description.

Description

No description available.

Name	Type	Description
`vuln_count`	object	Vulnerability count
`vuln_count_by_criticality`	object	Vulnerability count by Target Business Criticality
`most_vulnerable_targets`	array	No description.
`top_vulnerabilities`	array	No description.
`scans_running_count`	integer	No description.
`scans_waiting_count`	integer	No description.
`scans_conducted_count`	integer	No description.
`vulnerabilities_open_count`	integer	No description.
`targets_count`	integer	No description.

Description

No description available.

Name	Type	Description
`api_key`	string	No description.

Description

No description available.

Name	Type	Description
`target_id`	string	No description.
`scan_id`	string	No description.
`scan_session_id`	string	No description.
`scanning_app`	string	No description.
`data`	string	No description.
`index`	integer	No description.
`old`	number	No description.
`target_desc`	array	Target info (address, description)

Description

No description available.

Name	Type	Description
`values`	array	No description.

Description

No description available.

Name	Type	Description
`name *`	string	No description.
`excluded_hours_id`	string (`uuid`)	No description.
`time_offset`	integer	Time offset in minutes
`exclusion_matrix *`	array	Exclusion matrix 7d * 24h, true = exclude, false = ignore

Description

No description available.

Name	Type	Description
`values`	array	No description.

Description

No description available.

Name	Type	Description
`ui_session_id`	string (`md5`)	For internal use only

Description

No description available.

Name	Type	Description
`request_id *`	integer	No description.
`request_sign *`	string (`sha256`)	No description.
`email *`	string (`email`)	No description.
`password *`	string (`sha256`)	No description.
`company`	string	No description.
`website`	string (`host\|url`)	No description.
`phone`	string	No description.
`country *`	string	No description.
`first_name *`	string	No description.
`last_name *`	string	No description.
`campaign_id`	string	No description.
`reseller`	boolean	No description.
`web_consultant`	boolean	No description.
`utm_source`	string	No description.
`remote_address *`	string (`ip`)	No description.

Description

No description available.

Name	Type	Description
`license_key`	string (`license_key`)	No description.

Description

No description available.

Name	Type	Description
`code *`	string	No description.

Description

No description available.

Name	Type	Description
`status`	string	No description.
`errors`	array	No description.
`date`	string	No description.

Description

No description available.

Name	Type	Description
`task_id`	string	No description.

Description

No description available.

Name	Type	Description
`workers`	array	No description.

Description

No description available.

Name	Type	Description
`worker_id_list`	array	No description.

Description

No description available.

Name	Type	Description

Description

No description available.

Name	Type	Description
`description`	string	No description.

Description

No description available.

Name	Type	Description
`scanning_app *`	string	No description.
`endpoint *`	string (`url`)	No description.
`description`	string	No description.
`worker_id`	string (`uuid`)	No description.
`status`	string	No description.
`authorization`	string	No description.
`app_version`	string	No description.

Description

No description available.

Name	Type	Description
`session_id`	string (`uuid`)	No description.
`is_current`	bool	No description.
`created`	string	No description.
`expires`	string	No description.
`remote_address`	string	No description.

Description

No description available.

Name	Type	Description
`values`	array	No description.

Description

No description available.

Name	Type	Description
`target_deletion_allowance`	integer	No description.
`target_deletion_consumed`	boolean	No description.

Description

No description available.

Name	Type	Description

Name	Type	Description
`kind *`	string	Form Authentication method (None, Automatic, Sequence)
`credentials`	object	No description.

Acunetix Scanner API

Authentication

Endpoints

description Description

tune Parameters

swap_horiz Responses

description Description

tune Parameters

swap_horiz Responses

description Description

tune Parameters

swap_horiz Responses

description Description

tune Parameters

swap_horiz Responses

description Description

tune Parameters

swap_horiz Responses

description Description

tune Parameters

swap_horiz Responses

description Description

tune Parameters

swap_horiz Responses

description Description

tune Parameters

swap_horiz Responses

description Description

tune Parameters

swap_horiz Responses

description Description

tune Parameters

swap_horiz Responses

description Description

tune Parameters

swap_horiz Responses

description Description

tune Parameters

swap_horiz Responses

description Description

tune Parameters

swap_horiz Responses

description Description

tune Parameters

swap_horiz Responses

description Description

tune Parameters

swap_horiz Responses

description Description

tune Parameters

swap_horiz Responses

description Description

tune Parameters

swap_horiz Responses

description Description

tune Parameters

swap_horiz Responses

description Description

tune Parameters

swap_horiz Responses

description Description

tune Parameters

swap_horiz Responses

description Description

tune Parameters

swap_horiz Responses

description Description

tune Parameters

swap_horiz Responses

description Description

tune Parameters

swap_horiz Responses

description Description

tune Parameters

swap_horiz Responses

description Description

tune Parameters

swap_horiz Responses

description Description

tune Parameters

Description

Parameters

Responses

Description

Parameters

Responses

Description

Parameters

Responses

Description

Parameters

Responses

Description

Parameters

Responses

Description

Parameters

Responses

Description

Parameters

Responses

Description

Parameters

Responses

Description

Parameters

Responses

Description

Parameters

Responses

Description

Parameters

Responses

Description

Parameters

Responses

Description

Parameters

Responses

Description

Parameters

Responses

Description

Parameters

Responses

Description

Parameters

Responses

Description

Parameters

Responses

Description

Parameters

Responses

Description

Parameters

Responses

Description

Parameters

Responses

Description

Parameters

Responses

Description

Parameters

Responses

Description

Parameters

Responses

Description

Parameters

Responses

Description

Parameters

Responses

Description

Parameters

Responses

Description

Get the 2nd (`cursor`) up to 4th (`limit` - exclusive) list of scans