🔘Pynt for Firefox Browser

Integrate Pynt with Firefox for seamless API security testing. Automate and enhance your API protection directly within the Firefox browser.

🚀 At a Glance: Pynt integrates directly with Firefox, enabling real-time API security testing as you browse. This seamless integration monitors API traffic, automatically generating context-aware security tests.

Capturing traffic from Firefox Browser

Pynt can also conduct an API security scan on traffic generated from Firefox in an interactive mode, following these steps:

Configure Firefox to route traffic through Pynt.
Run Pynt using the command: pynt listen --captured-domains <domain of the APIs that need to be tested>.
Browse the site that will be tested by Pynt.
Press Enter on Pynt to start the scan.

Steps to Run Pynt with Firefox

Use the following steps to integrate Pynt with Firefox browser:

Configure Firefox to Record Traffic

Open Firefox and go to the settings to configure the proxy through which Pynt can capture the traffic.

If your target is localhost as in the example, go to about:config and modify the network.proxy.allow_hijacking_localhost parameter to True

Configure Firefox to Import Pynt's proxy certificate

The first time you execute pynt listen, Pynt stores the certificates in ~/.pynt/cert.
Import the mitmproxy-ca-cert.cer into Firefox

Example on OWASP crAPI

For this example we will use Pynt listen and set it to capture localhost traffic:

pynt listen --captured-domains localhost

For this example we will test with traffic to OWASPs crAPI application running locally on localhost:8888

Now on Firefox set the url to http://localhost:8888 and do various actions on crAPI web pages

After finishing browsing the site, return to the terminal where Pynt is running and press Enter to start the Pynt scan.

💡 Need Help? For any questions or troubleshooting, reach out to the Pynt Community Support.

PreviousPynt with Browsers NextLive Traffic Connectors

Last updated 9 months ago