Skip to main content
POST
/
scans
Start a new pentest
curl --request POST \
  --url https://app.strix.ai/api/v1/scans \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "domain_ids": [
    "<string>"
  ],
  "domain_paths": {},
  "repository_ids": [
    "<string>"
  ],
  "repository_branches": {},
  "credentials": [
    {
      "username": "<string>",
      "password": "<string>",
      "notes": "<string>"
    }
  ],
  "headers": [
    {
      "name": "<string>",
      "value": "<string>",
      "notes": "<string>"
    }
  ],
  "concerns": "<string>",
  "focus": "<string>",
  "context": "<string>",
  "upload_ids": [
    "<string>"
  ],
  "connector_id": "<string>",
  "internal_targets": [
    "<string>"
  ]
}
'
{
  "scan_id": "<string>",
  "title": "<string>",
  "status": "<string>"
}

Authorizations

Authorization
string
header
required

API token from Settings > API Access

Body

application/json
domain_ids
string[]

Domain IDs to pentest

domain_paths
object

Map of domain ID to specific paths to pentest

repository_ids
string[]

Repository IDs to pentest

repository_branches
object

Map of repository ID to branch name

credentials
object[]

Authentication credentials for targets

headers
object[]

Custom HTTP headers for requests

concerns
string

Specific security concerns to investigate

focus
string

Areas to focus the pentest on

context
string

Additional context about the target

upload_ids
string[]

IDs of uploaded files to include

connector_id
string

Network connector ID for internal scanning

internal_targets
string[]

Internal network targets (requires connector)

Response

201 - application/json

Pentest created

scan_id
string
title
string
status
string