🔘Pynt for Firefox Browser
Integrate Pynt with Firefox for seamless API security testing. Automate and enhance your API protection directly within the Firefox browser.
🚀 At a Glance: Pynt integrates directly with Firefox, enabling real-time API security testing as you browse. This seamless integration monitors API traffic, automatically generating context-aware security tests.
Capturing traffic from Firefox Browser
Pynt can also conduct an API security scan on traffic generated from Firefox in an interactive mode, following these steps:
Configure Firefox to route traffic through Pynt.
Run Pynt using the command:
pynt listen --captured-domains <domain of the APIs that need to be tested>
.Browse the site that will be tested by Pynt.
Press Enter on Pynt to start the scan.
Steps to Run Pynt with Firefox
Use the following steps to integrate Pynt with Firefox browser:
Configure Firefox to Record Traffic
Open Firefox and go to the settings to configure the proxy through which Pynt can capture the traffic.
If your target is localhost as in the example, go to about:config and modify the network.proxy.allow_hijacking_localhost
parameter to True
Configure Firefox to Import Pynt's proxy certificate
The first time you execute
pynt listen
, Pynt stores the certificates in~/.pynt/cert
.Import the
mitmproxy-ca-cert.cer
into Firefox
Example on OWASP crAPI
For this example we will use Pynt listen
and set it to capture localhost traffic:
For this example we will test with traffic to OWASPs crAPI application running locally on localhost:8888
Now on Firefox set the url to http://localhost:8888 and do various actions on crAPI web pages
After finishing browsing the site, return to the terminal where Pynt is running and press Enter to start the Pynt scan.
💡 Need Help? For any questions or troubleshooting, reach out to the Pynt Community Support.
Last updated