How to start a scan

Start a scan on a target to test it for vulnerabilities. The identified vulnerabilities are known as findings.
By default, the scan is executed following what is configured in the target settings. However, you can override some of the settings to force different behaviors, namely:

• Force a different scan profile. You can check the available scan profiles using the List Scan Profiles endpoint with the filters type and verified filled according with the target you want to scan.
• Narrow the scope of the scan by setting absolute URLs within the target’s scope.
• Force the scan to start even if it is in the blackout period defined in the target settings. If the blackout period occurs after the scan has started, it is still applied.

We will explore both scenarios in this tutorial: starting a scan with no overrides and with overrides.

Step 1: Start the scan

To start a scan on a target, you need to know the target identifier. You can list the targets in your account to select which target you want to start the scan.

In this request, the target identifier is 2oir9t8RKxdr.

No overrides

In this case, the scan starts with no overrides, i.e., all the settings in the target will be used as default.

Request

curl 'https://api.probely.com/targets/2oir9t8RKxdr/scan_now/' \
   -X POST \
   -H 'Authorization: JWT <YOUR_API_TOKEN>' \
   -H 'Content-Type: application/json'

The response will return the newly started scan with the status as queued.

Response

{
  "id": "3mX3wqKYBRQc",
  "target": {
    "id": "2oir9t8RKxdr",
    "name": "",
    "site": {
      "id": "spMJGK2QAB7B",
      "name": "My target",
      "desc": "",
      "url": "https://example.com",
      "host": "example.com",
      ...
    },
   ...
   },
  "status": "queued",
  "started": null,
  "completed": null,
  ...
}

With overrides

In this case, the scan starts using the default target settings except for two that are overridden:

• The scan profile is set to full.
• Only a reduced scope of the target is scanned: https://example.com/admin.

Request

curl 'https://api.probely.com/targets/2oir9t8RKxdr/scan_now/' \
  -X POST \
  -H 'Authorization: JWT <YOUR_API_TOKEN>' \
  -H 'Content-Type: application/json' \
  --data-raw '{
    "scan_profile": "full",
    "reduced_scopes": [
      {
        "url": "https://example.com/admin",
        "enabled": true
      }
    ]
  }'

The response will return the newly started scan with the status as queued.

Response

{
  "id": "3mX3wqKYBRQc",
  "target": {
    "id": "2oir9t8RKxdr",
    "name": "",
    "site": {
      "id": "spMJGK2QAB7B",
      "name": "My target",
      "desc": "",
      "url": "https://example.com",
      "host": "example.com",
      ...
    },
   ...
   },
  "status": "queued",
  "started": null,
  "completed": null,
  ...
}

The scan will start soon and the status will change to started. You can check the scan status using the Retrieve Scan endpoint. See also how to check when a scan is complete.

To list your scans, see how to list scans.

To get notifications on your scans, check the API reference documentation on Events for more details.