Pytest
If your functional tests are based on Python pytest, you can use the pynt command to run API security tests from these functional tests.
Here is an example: goat_functional_test.py is a Python-based tester for goat (our vulnerable application) that we use to test goat's functionality. We run it with:
Now, to run Pynt on it, we run:
SSL Support
If your functional test enforces SSL certificate verification (e.g. over HTTPS), you will need to provide Pynt with a certificate. If your client needs a specific certificate, provide the path to it with --ca-path.
If your client does not use a specific certificate, you will need to generate a certificate file and provide it to Pynt:
Generate a certificate (Linux)
1) Download make_certificate.sh
2) Download openssl.cnf
3) chmod +x make_certificate.sh
4) Generate the certificate: ./make_certificate.sh
Run Pynt with generated certificate
Put export REQUESTS_CA_BUNDLE before your command to instruct your functional test to use the new certificate, and provide the path to the certificate with --ca-path to instruct Pynt to use the generated certificate.
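A pre-flight check for the generated-certificate setup described above, as an added example that is not part of Pynt or of the original page. The function name check_ca_bundle and its arguments are hypothetical; it assumes the functional test and Pynt are meant to use the same generated file.

```python
import os
import ssl
import sys
import time


def check_ca_bundle(pynt_ca_path, env=None):
    """Return a list of problems; an empty list means the setup is consistent.

    pynt_ca_path is the file you intend to pass to Pynt with --ca-path.
    env defaults to the process environment (where REQUESTS_CA_BUNDLE is read).
    """
    env = os.environ if env is None else env
    bundle = env.get("REQUESTS_CA_BUNDLE")
    if not bundle:
        return ["REQUESTS_CA_BUNDLE is not set; the test will not use the new certificate"]
    problems = []
    for label, path in (("REQUESTS_CA_BUNDLE", bundle), ("--ca-path", pynt_ca_path)):
        if not os.path.isfile(path):
            problems.append(f"{label} does not point to a file: {path}")
    if problems:
        return problems
    # Assumption: both sides should trust the same generated certificate file.
    if not os.path.samefile(bundle, pynt_ca_path):
        problems.append("REQUESTS_CA_BUNDLE and --ca-path point to different files")
    # Load the file the way a TLS client would, to catch empty or non-PEM files.
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    try:
        ctx.load_verify_locations(cafile=bundle)
    except (ssl.SSLError, OSError) as exc:
        return problems + [f"{bundle} is not a readable PEM certificate file: {exc}"]
    # Flag expired CA certificates, which would make verification fail later.
    now = time.time()
    for cert in ctx.get_ca_certs():
        if ssl.cert_time_to_seconds(cert["notAfter"]) < now:
            problems.append(f"expired certificate in bundle: {cert['subject']}")
    return problems


if __name__ == "__main__":
    # Usage: python check_ca_bundle.py <path given to --ca-path>
    found = check_ca_bundle(sys.argv[1])
    for line in found:
        print("problem:", line)
    sys.exit(1 if found else 0)
```

Run it in the same shell session where REQUESTS_CA_BUNDLE is exported, before starting the Pynt run.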