🔘Pynt for Insomnia

What is Insomnia?

Pynt's Integration with Insomnia

As part of its API security testing suit, Pynt allows seamless integration with any Insomnia tests.

By integrating Pynt with Insomnia, you can leverage the power of this vast platform while enhancing your API security. Pynt automatically generates context-aware security tests based on your Insomnia tests, enabling you to identify vulnerabilities early in the development cycle and reduce the risk of security issues in production.

Quick start

1. First, make sure Pynt's prerequisites are met.

2. Follow the instructions to install Pynt container here.

3. Download insomnia_goat.json functional test and import it into Insomnia.

In this example, we will use pynt listen and set it to capture all domains (no filter)

pynt listen --captured-domains "*"

Configuring Insomnia to use Pynt as a proxy

1. Open Insomnia.

2. Navigate to the settings by clicking on "Preferences" or use the shortcut Ctrl+, (Cmd+, on macOS).

3. In the Preferences window, go to the "Proxy" tab.

4. Check the option "Enable HTTP Proxy".

5. Set the "HTTP Proxy" field to 127.0.0.1 and the "Port" to 6666, which matches the Pynt listening address and port.

6. If you're working with HTTPS requests, also check "Enable HTTPS Proxy" and use the same proxy settings.

7. Close the Preferences window and proceed with your API requests as usual.

We will see the following output, meaning Pynt is listening on port 6666 for incoming traffic

Run the goat tests on Insomnia, All the HTTP and HTTPS requests from Insomnia will now be routed through Pynt. When done, return to the terminal and hit Enter to start Pynt scan on the traffic generated by Insomnia

When the scan is complete the Pynt report will open in the browser.