🔘Pynt for Cypress

Overview

Using Cypress for end-to-end testing in combination with Pynt for automated API security testing is a powerful approach to enhance the security of your web applications.

As part of its API security testing suite, Pynt allows integration with Cypress to automate security scans within your test suites to detect and mitigate vulnerabilities effectively.

Prerequisites

Before integrating Pynt with Cypress, make sure Pynt's prerequisites are met and follow the instructions to install Pynt CLI.

How to Run Pynt with Cypress

Pynt allows you to run API Security tests from Cypress E2E tests using pynt command.

Basic Command

To run Pynt with Cypress, use the following command:

pynt command --cmd "npx cypress run"

This will execute your Cypress tests while Pynt captures all API traffic and performs security analysis.

Running Specific Test Files

To run a specific test file with Pynt:

pynt command --cmd "npx cypress run --spec cypress.spec.cy.js"

Or for tests in subdirectories:

pynt command --cmd "npx cypress run --spec cypress/e2e/api-tests.cy.js"

Example with Options

Here's a complete example with common Pynt options:

pynt command --cmd "npx cypress run" \
     --test-name "Cypress E2E Security Tests" \
     --application-name "My Application"

Configuration Options

Self-Signed Certificates

If your client is. validating SSL and can accept self-signed certificates, use the --self-signed flag:

pynt command --cmd "npx cypress run" --self-signed

Custom CA Certificate

If your client needs a specific certificate, provide the path to it with --ca-path:

pynt command --cmd "npx cypress run" --ca-path /path/to/certificate.pem

Application Configuration

Link your scan to a specific application:

pynt command --cmd "npx cypress run" --application-name "My Web App"

Test Naming

Use the --test-name flag to give your security scan a meaningful name:

pynt command --cmd "npx cypress run" --test-name "Production E2E Security Tests"

Allow Errors

To continue security scanning even when tests fail:

pynt command --cmd "npx cypress run" --allow-errors

Goat Example:

Here's a comprehensive example demonstrating Pynt with Cypress:

Download the test files:

86B
cypress.config.js
Open
2KB
cypress.spec.cy.js
Open

Run Pynt

pynt command --cmd "npx cypress run --spec cypress.spec.cy.js"

This will start a Pynt scan on Goat APIs, result should look like:

PreviousPynt with Testing FrameworksNextPynt for pytest

Last updated