Pynt can also run API security scan on traffic generated from Firefox

Steps to Run Pynt with Firefox

  1. Configure Firefox to Record Traffic:

    • Open Firefox and go to the settings to configure the proxy through which Pynt can capture the traffic.

    If your target is localhost as in the example, go to about:config and modify the network.proxy.allow_hijacking_localhost parameter to True

For this example we will use Pynt listen and set it to capture localhost traffic:

pynt listen --captured-domains localhost

For this example we will test with traffic to OWASPs crAPI application running locally on localhost:8888

Now on Firefox set the url to http://localhost:8888 and do various actions on crAPI web pages

Once done brosing the site go back to the terminal where Pynt run and hit enter to begin pynt scan

Last updated