🔘Pynt for .NET (xUnit)
Integrate Pynt with xUnit to enhance API security testing in .NET environments. Automate security scans within your test suites to detect and mitigate vulnerabilities as part of your CI/CD pipeline.
What is xUnit?
💡 xUnit is a widely-used testing framework for .NET applications, known for its extensibility, simplicity, and integration with Visual Studio. It supports async tests, shared context, and rich assertions—making it ideal for unit, integration, and functional testing. xUnit helps ensure code correctness and reliability through automated and structured test execution.
xUnit and Pynt Integration
Pynt integrates seamlessly with .NET test projects using xUnit. By observing traffic from your functional test executions, Pynt generates security tests that simulate real-world attacks and help identify critical vulnerabilities in your APIs.
This enables your .NET team to shift security testing left—during development—not after deployment.
Quick Start
Prepare your .NET environment
Ensure you have the .NET SDK installed (version 6 or later is recommended).
Install Pynt container
Follow the Pynt installation guide to install and run the Pynt container.
Clone or write your xUnit-based functional tests
You can use your existing API test suite, or follow the example below.
Example
We’ve created a sample vscode project that tests login and transaction access for goat sample APIs.
Download it here:
Run the tests normally with:
dotnet test
To run Pynt on this test suite:
pynt command --cmd "dotnet test"
This will:
Intercept traffic from your functional tests
Automatically generate security test cases
Report vulnerabilities like Broken Auth, IDOR, and more
SSL Support
🔐 Manually Providing Certificates
If your HttpClient configuration requires a specific CA certificate:
pynt command --cmd "dotnet test" --ca-path <path to certificate file>
If no certificate exists, generate one:
Generate a certificate (Linux/macOS)
Download
make_certificate.sh
Download
openssl.cnf
Make the script executable:
chmod +x make_certificate.sh
Run the script:
./make_certificate.sh
Then run your test with the generated certificate:
pynt command --cmd "dotnet test" --ca-path rootCA.pem
💡 Pynt CLI Troubleshooting
If you're encountering issues with Pynt's CLI, visit the Pynt CLI Troubleshooting Guide for solutions and tips.
💬 Still Need Help?
For questions or help, reach out to the Pynt Community Support or join our Slack workspace.
Last updated