🔘Pynt for Firefox Browser
Integrate Pynt with Firefox for seamless API security testing. Automate and enhance your API protection directly within the Firefox browser.
Last updated
Integrate Pynt with Firefox for seamless API security testing. Automate and enhance your API protection directly within the Firefox browser.
Last updated
🚀 At a Glance: Pynt integrates directly with Firefox, enabling real-time API security testing as you browse. This seamless integration monitors API traffic, automatically generating context-aware security tests.
Pynt can also conduct an API security scan on traffic generated from Firefox in an interactive mode, following these steps:
Configure Firefox to route traffic through Pynt.
Run Pynt using the command: pynt listen --captured-domains <domain of the APIs that need to be tested>.
Browse the site that will be tested by Pynt.
Press Enter on Pynt to start the scan.
Use the following steps to integrate Pynt with Firefox browser:
Open Firefox and go to the settings to configure the proxy through which Pynt can capture the traffic.
If your target is localhost as in the example, go to about:config and modify the network.proxy.allow_hijacking_localhost parameter to True
The first time you execute pynt listen, Pynt stores the certificates in ~/.pynt/cert.
Import the mitmproxy-ca-cert.cer into Firefox
For this example we will use Pynt listen and set it to capture localhost traffic:
For this example we will test with traffic to OWASPs crAPI application running locally on localhost:8888
Now on Firefox set the url to http://localhost:8888 and do various actions on crAPI web pages
After finishing browsing the site, return to the terminal where Pynt is running and press Enter to start the Pynt scan.
💡 Need Help? For any questions or troubleshooting, reach out to the Pynt Community Support.
