Pynt for Rest Assured

Integrate Pynt with Rest Assured to enhance API security testing. Automate security scans within your Rest Assured test suites to detect and mitigate vulnerabilities effectively.

What is RestAssured?

💡 RestAssured is a popular Java-based library for testing RESTful APIs. It simplifies the process of validating and verifying API responses by providing an easy-to-use syntax for making API calls. With RestAssured, you can test APIs seamlessly in your Java projects.


Pynt's integration with RestAssured

As part of its API security testing suite, Pynt allows seamless integration with any RestAssured test.

Integrating Pynt with RestAssured adds API security testing to the functional tests you already have. Pynt automatically generates context-aware security tests based on your RestAssured test scripts, enabling you to identify vulnerabilities early in the development cycle and reduce the risk of security issues in production. If your functional tests are based on Java Rest Assured, you can use pynt command to run API security tests from these functional tests.


Quick start

  1. First, make sure Pynt's prerequisites are met.

  2. Follow the instructions to install Pynt container here.

  3. Then, continue with the below example.


Example

goat-rest-assured is a Rest Assured-based project containing a functional test of the goat vulnerable application. We run it with:

mvn test

Now, to run Pynt on it, we run:

pynt command --cmd "mvn -Dhttp.proxyHost=127.0.0.1 -Dhttp.proxyPort=6666 test" 

SSL support

If your functional test enforces SSL certificate verification (e.g. https), you will need to provide Pynt with a certificate. If your client needs a specific certificate, provide the path to it with --ca-path:

pynt command --cmd "<your test command> -Dhttp.proxyHost=127.0.0.1 -Dhttp.proxyPort=6666 -Dhttps.proxyHost=127.0.0.1 -Dhttps.proxyPort=6666" --ca-path <path to certificate file>

If your client does not use a specific certificate, you will need to generate a certificate file and provide it to Pynt:


Generate a certificate (Linux)

1) Download make_certificate.sh

2) Download openssl.cnf

3) chmod +x make_certificate.sh

4) Generate the certificate: ./make_certificate.sh

5) Create a trust-store. You will be prompted to enter a password for the key store (from now on we will assume the trust-store is called test.jks and the password is test123456):

keytool -importcert -file ./rootCA.crt -keystore test.jks 

Run Pynt with the generated certificate

pynt command --cmd "mvn test -Dhttp.proxyHost=127.0.0.1 -Dhttp.proxyPort=6666 -Dhttps.proxyHost=127.0.0.1 -Dhttps.proxyPort=6666 -Djavax.net.ssl.trustStore=./test.jks -Djavax.net.ssl.trustStorePassword=test123456" --ca-path rootCA.pem
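A preflight check for the steps above, as an added example that is not part of Pynt's documentation or tooling. The test JVM only accepts the proxy's TLS connections if the CA certificate imported into the trust store is the same one handed to Pynt, so the script compares fingerprints before a run. It assumes rootCA.crt and rootCA.pem are PEM files that each carry the CA certificate; the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not Pynt code): verify the CA material before running pynt.
# Assumption: both input files are PEM and contain the CA certificate.

# Print the SHA-256 fingerprint (colon-separated hex) of the first
# certificate in a PEM file; prints nothing if the file is unreadable.
cert_fp() {
    openssl x509 -in "$1" -noout -fingerprint -sha256 2>/dev/null | cut -d= -f2
}

# Succeed only if both files hold the same certificate and it is not expired.
# Returns 1 on mismatch or unreadable input, 2 on an expired certificate.
same_live_ca() {
    fp_a=$(cert_fp "$1"); fp_b=$(cert_fp "$2")
    [ -n "$fp_a" ] && [ "$fp_a" = "$fp_b" ] || {
        echo "CA mismatch or unreadable: $1 vs $2" >&2; return 1; }
    openssl x509 -in "$1" -noout -checkend 0 >/dev/null 2>&1 || {
        echo "CA certificate expired: $1" >&2; return 2; }
}

# Succeed only if the JKS trust store lists the certificate from the PEM file.
# Args: trust store path, store password, PEM file.
truststore_has_ca() {
    fp=$(cert_fp "$3")
    [ -n "$fp" ] && keytool -list -keystore "$1" -storepass "$2" 2>/dev/null \
        | grep -qiF "$fp"
}

# Usage: sh preflight.sh rootCA.crt rootCA.pem [test.jks <store password>]
if [ "$#" -ge 2 ]; then
    same_live_ca "$1" "$2" || exit 1
    if [ "$#" -eq 4 ]; then
        truststore_has_ca "$3" "$4" "$2" || {
            echo "CA not found in trust store $3" >&2; exit 1; }
    fi
    echo "preflight ok"
fi
```

A mismatch reported here corresponds to the certificate-validation failures the functional tests would otherwise hit when their HTTPS traffic passes through the proxy.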

💡 Pynt CLI Troubleshooting: If you're encountering issues with Pynt's CLI, visit the Pynt CLI Troubleshooting Guide for solutions and troubleshooting tips.

💡 Still Need Help? For any questions or troubleshooting, reach out to the Pynt Community Support.
