🔘Pynt for .NET (xUnit)

Integrate Pynt with xUnit to enhance API security testing in .NET environments. Automate security scans within your test suites to detect and mitigate vulnerabilities as part of your CI/CD pipeline.

What is xUnit?

💡 xUnit is a widely-used testing framework for .NET applications, known for its extensibility, simplicity, and integration with Visual Studio. It supports async tests, shared context, and rich assertions—making it ideal for unit, integration, and functional testing. xUnit helps ensure code correctness and reliability through automated and structured test execution.


xUnit and Pynt Integration

Pynt integrates seamlessly with .NET test projects using xUnit. By observing traffic from your functional test executions, Pynt generates security tests that simulate real-world attacks and help identify critical vulnerabilities in your APIs.

This enables your .NET team to shift security testing left—during development—not after deployment.


Quick Start

  1. Prepare your .NET environment

    Ensure you have the .NET SDK installed (version 6 or later is recommended).

  2. Install Pynt container

    Follow the Pynt installation guide to install and run the Pynt container.

  3. Clone or write your xUnit-based functional tests

    You can use your existing API test suite, or follow the example below.


Example

We’ve created a sample vscode project that tests login and transaction access for goat sample APIs.

Download it here:

ApiTest.cs

ApiTests.csproj

Run the tests normally with:

dotnet test

To run Pynt on this test suite:

pynt command --cmd "dotnet test"

This will:

  • Intercept traffic from your functional tests

  • Automatically generate security test cases

  • Report vulnerabilities like Broken Auth, IDOR, and more


SSL Support

🔐 Manually Providing Certificates

If your HttpClient configuration requires a specific CA certificate:

pynt command --cmd "dotnet test" --ca-path <path to certificate file>

If no certificate exists, generate one:

Generate a certificate (Linux/macOS)

  1. Download openssl.cnf

  2. Make the script executable:

    chmod +x make_certificate.sh
  3. Run the script:

    ./make_certificate.sh

Then run your test with the generated certificate:

pynt command --cmd "dotnet test" --ca-path rootCA.pem

💡 Pynt CLI Troubleshooting

If you're encountering issues with Pynt's CLI, visit the Pynt CLI Troubleshooting Guide for solutions and tips.


💬 Still Need Help?

For questions or help, reach out to the Pynt Community Support or join our Slack workspace.


Last updated