🔘Pynt with Prerecorded Har Files

Use Pynt with prerecorded HAR files to analyze and secure your APIs based on traffic data. Enhance your API security testing with detailed, traffic-based assessments.

🚀 At a Glance: Pynt allows you to use Prerecorded HAR Files for API security testing, providing a powerful way to assess testing environments or real-world API traffic. By importing HAR files into Pynt, you can run comprehensive security scans on captured traffic data, ensuring the Pynt's security tests leverages actual API usage.


What is HAR File

A HAR (HTTP Archive) file is a JSON-formatted file that logs a web browser's interaction with a site. It records all web requests and responses, including URLs, headers, body content, and the timing information for each resource. HAR files are used for analyzing network performance issues and troubleshooting website errors.


How to Record HAR Files

Recording HAR files can be done using various methods, depending on the browser or tool you are using. Here are the most common ways:


Using Google Chrome

  1. Open the Chrome menu (three dots) and select More tools > Developer tools.

  2. Go to the Network tab.

  3. Check the Preserve log box to save all interactions.

  4. Reproduce the issue you are encountering.

  5. Right-click within the Network tab and choose Save all as HAR with content.


Using Mozilla Firefox

  1. Open the menu (three horizontal bars) and select Web Developer > Network, or press Ctrl+Shift+E.

  2. Reproduce the issue on the site.

  3. Click the Save all as HAR icon to export the HAR file.


Using Safari

  1. Go to Safari > Preferences > Advanced and check the Show Develop menu in menu bar.

  2. From the Develop menu, select Show Web Inspector.

  3. Click the Network tab and reproduce the issue.

  4. Right-click the network items and select Export HAR.


Using Other Tools

  • WebPageTest: When running a test, select the Chrome tab and check the Capture Network Log option.

  • Fiddler: Can capture network traffic and export it as a HAR file.

  • Charles Proxy: Can also be used to generate HAR files from captured network traffic.

Each method varies slightly but ultimately serves the purpose of capturing web interactions to troubleshoot or analyze website performance issues.


Setup

  1. First, make sure Pynt's prerequisites are met.

  2. Follow the instructions to install Pynt container here.


Run Pynt CLI Command for HAR

Basic usage

pynt har --har <path to har file> --captured-domains <domain>

Required arguments

--har - Path to har file
--captured-domains - Pynt will scan only these domains and subdomains. For all domains write "*"

Optional arguments

--reporters - Output results to json
--application-id - Attach the scan to an application, you can find the ID in your applications area at app.pynt.io
--host-ca - Path to the CA file in PEM format to enable SSL certificate verification for pynt when running through a VPN.

How to run Pynt with HAR file

For example, running Pynt on a HAR file of goat:

get the goat.har file here

Run Pynt:

pynt har --har goat.har --captured-domains  "*"

💡 Pynt CLI Troubleshooting: If you're encountering issues with Pynt's CLI, visit the Pynt CLI Troubleshooting Guide for solutions and troubleshooting tips.

💡 Still Need Help? For any questions or troubleshooting, reach out to the Pynt Community Support.

Last updated