🔘Pynt for Rest Assured
Integrate Pynt with Rest Assured to enhance API security testing. Automate security scans within your Rest Assured test suites to detect and mitigate vulnerabilities effectively.
What is RestAssured?
💡 RestAssured is a popular Java-based library for testing RESTful APIs. It simplifies the process of validating and verifying API responses by providing an easy-to-use syntax for making API calls. With RestAssured, you can test APIs seamlessly in your Java projects.
Pynt's integration with RestAssured
As part of its API security testing suit, Pynt allows seamless integration with any RestAssured test.
By integrating Pynt with RestAssured, you can leverage the power of this vast platform while enhancing your API security. Pynt automatically generates context-aware security tests based on your RestAssured test scripts, enabling you to identify vulnerabilities early in the development cycle and reduce the risk of security issues in production. If your functional tests are based on Java Rest Assured, you can use pynt command to run API Security tests from these functional tests.
Quick start
First, make sure Pynt's prerequisites are met.
Follow the instructions to install Pynt container here.
Then, continue with the below example.
Example
goat-rest-assured is a Rest Assured based project of a functional test of goat vulnerable application. we run it with:
Now, to run Pynt on it, we run:
SSL support
If your functional test is enforcing SSL certificate verification (e.g. https) you will need to provide Pynt a certificate, If your client need a specific certificate, provide the path to it with --ca_path
If your client does not use a specific certificate you will need to generate a certificate file and provide it to Pynt:
Generate a certificate (Linux)
1) Download make_certificate.sh
2) Download openssl.cnf
3) chmod +x make_certificate.sh
4) Generate the certificate: ./make_certificate.sh
5) create a trust-store, you will be prompted with entering a password for the key store (from now on we will assume the trust-store is called test.jks and the password is test123456):
Run Pynt with generated certificate
💡 Pynt CLI Troubleshooting: If you're encountering issues with Pynt's CLI, visit the Pynt CLI Troubleshooting Guide for solutions and troubleshooting tips.
💡 Still Need Help? For any questions or troubleshooting, reach out to the Pynt Community Support.
Last updated