πPynt for Cypress
Overview
Using Cypress for end-to-end testing in combination with Pynt for automated API security testing is a powerful approach to enhance the security of your web applications.
As part of its API security testing suite, Pynt allows integration with Cypress to automate security scans within your test suites to detect and mitigate vulnerabilities effectively.
Prerequisites
Before integrating Pynt with Cypress, make sure Pynt's prerequisites are met and follow the instructions to install Pynt CLI.
How to Run Pynt with Cypress
Pynt allows you to run API Security tests from Cypress E2E tests using pynt command.
Basic Command
To run Pynt with Cypress, use the following command:
pynt command --cmd "npx cypress run"This will execute your Cypress tests while Pynt captures all API traffic and performs security analysis.
Running Specific Test Files
To run a specific test file with Pynt:
pynt command --cmd "npx cypress run --spec cypress.spec.cy.js"Or for tests in subdirectories:
Example with Options
Here's a complete example with common Pynt options:
Configuration Options
Self-Signed Certificates
If your client is. validating SSL and can accept self-signed certificates, use the --self-signed flag:
Custom CA Certificate
If your client needs a specific certificate, provide the path to it with --ca-path:
Application Configuration
Link your scan to a specific application:
Test Naming
Use the --test-name flag to give your security scan a meaningful name:
Allow Errors
To continue security scanning even when tests fail:
Goat Example:
Here's a comprehensive example demonstrating Pynt with Cypress:
Download the test files:
Run Pynt
This will start a Pynt scan on Goat APIs, result should look like:
Last updated