🔘Pynt for Firefox Browser

Integrate Pynt with Firefox for seamless API security testing. Automate and enhance your API protection directly within the Firefox browser.


Capturing traffic from Firefox Browser

Pynt can also conduct an API security scan on traffic generated from Firefox in an interactive mode, following these steps:

  • Configure Firefox to route traffic through Pynt.

  • Run Pynt using the command: pynt listen --captured-domains <domain of the APIs that need to be tested>.

  • Browse the site that will be tested by Pynt.

  • Press Enter on Pynt to start the scan.


Steps to Run Pynt with Firefox

Use the following steps to integrate Pynt with Firefox browser:


Configure Firefox to Record Traffic

  • Open Firefox and go to the settings to configure the proxy through which Pynt can capture the traffic.

Configure Proxy in Firefox

If your target is localhost as in the example, go to about:config and modify the network.proxy.allow_hijacking_localhost parameter to True

Enable Firefox to route localhost traffic to proxy

Configure Firefox to Import Pynt's proxy certificate

  • The first time you execute pynt listen, Pynt stores the certificates in ~/.pynt/cert.

  • Import the mitmproxy-ca-cert.cer into Firefox

Import Pynt's proxy certificate
Download certificate

Example on OWASP crAPI

For this example we will use Pynt listen and set it to capture localhost traffic:

pynt listen --captured-domains localhost

For this example we will test with traffic to OWASPs crAPI application running locally on localhost:8888

Now on Firefox set the url to http://localhost:8888 and do various actions on crAPI web pages

Firefox examle

After finishing browsing the site, return to the terminal where Pynt is running and press Enter to start the Pynt scan.

Pynt for Firefox example

💡 Need Help? For any questions or troubleshooting, reach out to the Pynt Community Support.

Last updated