Skip to content
You're viewing an older version of this GitHub Action. Do you want to see the latest version instead?
shield

GitHub Action

VulnAPI Action

v1.0.3

VulnAPI Action

shield

VulnAPI Action

VulnAPI is an open-source project designed to help you scan your APIs for common security vulnerabilities and weaknesses

Installation

Copy and paste the following snippet into your .yml file.

              

- name: VulnAPI Action

uses: cerberauth/[email protected]

Learn more about this action in cerberauth/vulnapi-action

Choose a version

vulnapi logo


Join Discord GitHub Workflow Status Latest version Github Repo Stars License

VulnAPI: An API Security Vulnerability Scanner

VulnAPI is an Open-Source DAST designed to help you scan your APIs for common security vulnerabilities and weaknesses.

By using this tool, you can detect and mitigate security vulnerabilities in your APIs before they are exploited by attackers.

Use this action to scan your project for vulnerabilities with VulnAPI.

Vulnerabilities Detected

All the vulnerabilities detected by the project are listed at this URL: API Vulnerabilities Detected.

More vulnerabilities and best practices will be added in future releases. If you have any suggestions or requests for additional vulnerabilities or best practices to be included, please feel free to open an issue or submit a pull request.

Example usage

Using OpenAPI

name: Scan for API vulnerabilities

on: [push]

permissions:
  contents: read

jobs:
  build:
    runs-on: ubuntu-latest

    steps:
      - name: Checkout
        uses: actions/checkout@v4

      - name: VulnAPI
        uses: cerberauth/vulnapi-action@v1
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          openapi: 'openapi.yaml'

Using Curl

name: Scan for API vulnerabilities

on: [push]

permissions:
  contents: read

jobs:
  build:
    runs-on: ubuntu-latest

    steps:
      - name: Checkout
        uses: actions/checkout@v4

      - name: VulnAPI
        uses: cerberauth/vulnapi-action@v1
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          curl:
            'curl http://localhost:8080 -H "Authorization: Bearer eyJhbGci..."'

Inputs

General

Name Required Description Default
version false The version of the file to scan. latest

Curl Scan Options

Name Required Description Default
curl false The curl command to scan.

OpenAPI Scan Options

Name Required Description Default
openapi false The OpenAPI file location (path or URL)

VulnAPI Supported Flags

Name Required Description Default
scans false The scans performed. all
excludeScans false The scans to exclude.
rateLimit false The rate limit used to run API vulnerability scans. 10/s
proxy false The proxy server used during the scan.
severityThreshold false The severity threshold to trigger a failure. 0

Outputs

Scan results are output to the console.

Disclaimer

This scanner is provided for educational and informational purposes only. It should not be used for malicious purposes or to attack any system without proper authorization. Always respect the security and privacy of others.

License

This repository is licensed under the MIT License @ CerberAuth.