🔘Rest Assured
If your functional tests are based on Java Rest Assured, you can use pynt command to run API Security tests from these functional tests.
for example: goat-rest-assured is a Rest Assured based project of a functional test of goat vulnerable application. we run it with:
Now, to run Pynt on it, we run:
SSL Support
If your functional test is enforcing SSL certificate verification (e.g. https) you will need to provide Pynt a certificate, If your client need a specific certificate, provide the path to it with --ca_path
If your client does not use a specific certificate you will need to generate a certificate file and provide it to Pynt:
Generate a certificate (Linux)
1) Download make_certificate.sh
2) Download openssl.cnf
3) chmod +x make_certificate.sh
4) Generate the certificate: ./make_certificate.sh
5) create a trust-store, you will be prompted with entering a password for the key store (from now on we will assume the trust-store is called test.jks and the password is test123456):
Run Pynt with generated certificate
Last updated