Skip to content

Upgrade API Documentation to be Python 3 Compatible #1304

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
jess-tech-lab wants to merge 10 commits into
base: master
Choose a base branch
from
Open

Upgrade API Documentation to be Python 3 Compatible #1304

Changes from all commits
Commits
Show all changes
10 commits
Select commit Hold shift + click to select a range
7e8d1dc
Upgrade API Documentation to be Python 3 Compatible
jess-tech-lab Feb 23, 2026
ec34e3f
refactor: update code and security documentation
jess-tech-lab Feb 24, 2026
cf6814a
Merge branch 'master' into master
arkid15r Mar 3, 2026
007d6b1
Merge branch 'master' into master
jess-tech-lab Mar 8, 2026
b55e417
Merge branch 'master' into master
jess-tech-lab Mar 21, 2026
8aa08b4
Merge branch 'master' into master
jess-tech-lab Mar 29, 2026
1b4543f
Merge branch 'master' into master
jess-tech-lab Apr 4, 2026
01a18b6
Merge branch 'master' into master
jess-tech-lab Apr 8, 2026
b3aeda8
Merge branch 'master' into master
jess-tech-lab Apr 12, 2026
f74ea6d
Merge branch 'master' into master
jess-tech-lab Apr 17, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
61 changes: 32 additions & 29 deletions docs/API.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -52,20 +52,22 @@ am4n@am4n-HP-ProBook-450-G4:~/Documents/OWASP-Nettacker$ python nettacker.py --s

At the first, you must send an API key through the request each time you send a request in `GET`, `POST`, or `Cookies` in the value named `key` or you will get `401` error in the restricted area.

Note the examples below call `disable_warnings(InsecureRequestWarning)` and use `verify=False`, which disables TLS certificate validation. This is only for the local Nettacker API with a self-signed cert and must not be used against external/production hosts.

```python
>>> import requests
>>> from requests.packages.urllib3.exceptions import InsecureRequestWarning
>>> requests.packages.urllib3.disable_warnings(InsecureRequestWarning)
>>> r = requests.get('https://127.0.0.1:5000/?key=8370bd0a0b9a98ac25b341833fb0fb07')
>>> r = requests.get('https://127.0.0.1:5000/?key=<your_api_key>', verify=False)
>>> r.status_code
200
>>> r = requests.post('https://127.0.0.1:5000/', data={"key": "8370bd0a0b9a98ac25b341833fb0fb07"})
>>> r = requests.post('https://127.0.0.1:5000/', data={"key": "<your_api_key>"}, verify=False)
>>> r.status_code
200
>>> r = requests.get('https://127.0.0.1:5000/', cookies={"key": "8370bd0a0b9a98ac25b341833fb0fb07"})
>>> r = requests.get('https://127.0.0.1:5000/', cookies={"key": "<your_api_key>"}, verify=False)
>>> r.status_code
200
>>> r = requests.get('https://127.0.0.1:5000/new/scan', cookies={"key": "wrong_key"})
>>> r = requests.get('https://127.0.0.1:5000/new/scan', cookies={"key": "wrong_key"}, verify=False)
>>> r.status_code
401
```
Expand All @@ -75,11 +77,11 @@ At the first, you must send an API key through the request each time you send a
To submit a new scan follow this step.

```python
>>> r = requests.post('https://127.0.0.1:5000/new/scan', data={"key": "8370bd0a0b9a98ac25b341833fb0fb07", "targets": "127.0.0.1,owasp.org", "selected_modules": "port_scan", "report_path_filename": "/home/test.html"})
>>> r = requests.post('https://127.0.0.1:5000/new/scan', data={"key": "<your_api_key>", "targets": "127.0.0.1,owasp.org", "selected_modules": "port_scan", "report_path_filename": "/home/test.html"}, verify=False)
>>> r.status_code
200
>>> import json
>>> print json.dumps(json.loads(r.content), sort_keys=True, indent=4)
>>> print(json.dumps(r.json(), sort_keys=True, indent=4))
{
"backup_ports": null,
"check_ranges": false,
Expand Down Expand Up @@ -123,16 +125,16 @@ To submit a new scan follow this step.
Please note, `targets` and `selected_modules` are **necessary** to submit a new scan unless you modify the config file before! The `selected_modules` could be empty if you define the `profile`.

```python
>>> r = requests.post('https://127.0.0.1:5000/new/scan', data={"key": "8370bd0a0b9a98ac25b341833fb0fb07"})
>>> r.content
>>> r = requests.post('https://127.0.0.1:5000/new/scan', data={"key": "<your_api_key>"}, verify=False)
>>> r.text
'{"msg":"Cannot specify the target(s)","status":"error"}\n'

>>> r = requests.post('https://127.0.0.1:5000/new/scan', data={"key": "09877e92c75f6afdca6ae61ad3f53727", "targets": "127.0.0.1"})
>>> r.content
u'{"msg":"please choose your scan method!","status":"error"}\n'
>>> r = requests.post('https://127.0.0.1:5000/new/scan', data={"key": "<your_api_key>", "targets": "127.0.0.1"}, verify=False)
>>> r.text
'{"msg":"please choose your scan method!","status":"error"}\n'

>>> r = requests.post('https://127.0.0.1:5000/new/scan', data={"key": "09877e92c75f6afdca6ae61ad3f53727", "targets": "127.0.0.1", "selected_modules": "dir_scan,port_scan", "report_path_filename": "/home/test.html"})
>>> print json.dumps(json.loads(r.content), sort_keys=True, indent=4)
>>> r = requests.post('https://127.0.0.1:5000/new/scan', data={"key": "<your_api_key>", "targets": "127.0.0.1", "selected_modules": "dir_scan,port_scan", "report_path_filename": "/home/test.html"}, verify=False)
>>> print(json.dumps(r.json(), sort_keys=True, indent=4))
{
"backup_ports": null,
"check_ranges": false,
Expand Down Expand Up @@ -172,8 +174,8 @@ u'{"msg":"please choose your scan method!","status":"error"}\n'
"users": null,
"verbose_level": 0
}
>>> r = requests.post('https://127.0.0.1:5000/new/scan', data={"key": "09877e92c75f6afdca6ae61ad3f53727", "targets": "127.0.0.1", "profile": "information_gathering"})
>>> print json.dumps(json.loads(r.content), sort_keys=True, indent=4)
>>> r = requests.post('https://127.0.0.1:5000/new/scan', data={"key": "<your_api_key>", "targets": "127.0.0.1", "profile": "information_gathering"}, verify=False)
>>> print(json.dumps(r.json(), sort_keys=True, indent=4))
{
"backup_ports": null,
"check_ranges": false,
Expand Down Expand Up @@ -227,16 +229,17 @@ To enable session-based requests, like (e.g. Python `requests.session()` or brow

```python
>>> s = requests.session()
>>> r = s.get("https://localhost:5000/session/set?key=09877e92c75f6afdca6ae61ad3f53727")
>>> print json.dumps(json.loads(r.content), sort_keys=True, indent=4)
>>> s.verify = False
>>> r = s.get("https://localhost:5000/session/set?key=<your_api_key>")
>>> print(json.dumps(r.json(), sort_keys=True, indent=4))
{
"msg": "your browser session is valid",
"status": "ok"
}
>>> print r.cookies
<RequestsCookieJar[<Cookie key=09877e92c75f6afdca6ae61ad3f53727 for localhost.local/>]>
>>> print(r.cookies)
<RequestsCookieJar[<Cookie key=<your_api_key> for localhost.local/>]>
>>> r = s.get("https://localhost:5000/new/scan")
>>> print r.content
>>> print(r.text)
{
"msg": "Cannot specify the target(s)",
"status": "error"
Expand All @@ -248,7 +251,7 @@ To enable session-based requests, like (e.g. Python `requests.session()` or brow

```python
>>> r = s.get("https://localhost:5000/session/check")
>>> print r.content
>>> print(r.text)
{
"msg": "your browser session is valid",
"status": "ok"
Expand All @@ -258,13 +261,13 @@ To enable session-based requests, like (e.g. Python `requests.session()` or brow

```python
>>> r = s.get("https://localhost:5000/session/kill")
>>> print r.content
>>> print(r.text)
{
"msg": "your browser session killed",
"status": "ok"
}

>>> print r.cookies
>>> print(r.cookies)
<RequestsCookieJar[]>
>>>
```
Expand All @@ -273,7 +276,7 @@ To enable session-based requests, like (e.g. Python `requests.session()` or brow

```python
>>> r = s.get("https://localhost:5000/results/get_list?page=1")
>>> print(json.dumps(json.loads(r.content), sort_keys=True, indent=4))
>>> print(json.dumps(r.json(), sort_keys=True, indent=4))
[
{
"api_flag": 0,
Expand Down Expand Up @@ -418,7 +421,7 @@ To enable session-based requests, like (e.g. Python `requests.session()` or brow

```python
>>> r = s.get("https://localhost:5000/results/get?id=8")
>>> print r.content[:500]
>>> print(r.text[:500])
<!DOCTYPE html>
<!-- THIS PAGE COPIED AND MODIFIED FROM http://bl.ocks.org/robschmuecker/7880033-->
<title>OWASP Nettacker Report</title>
Expand Down Expand Up @@ -451,7 +454,7 @@ To enable session-based requests, like (e.g. Python `requests.session()` or brow
## Hosts List
```python
>>> r = s.get("https://localhost:5000/logs/search?q=&page=1")
>>> print json.dumps(json.loads(r.content), sort_keys=True, indent=4)
>>> print(json.dumps(r.json(), sort_keys=True, indent=4))
[
{
"host": "owasp.org",
Expand Down Expand Up @@ -480,7 +483,7 @@ To enable session-based requests, like (e.g. Python `requests.session()` or brow

```python
>>> r = s.get("https://localhost:5000/logs/search?q=port_scan&page=3")
>>> print r.content
>>> print(r.text)
[
{
"host": "owasp4.owasp.org",
Expand Down Expand Up @@ -666,7 +669,7 @@ To enable session-based requests, like (e.g. Python `requests.session()` or brow
## Generate a HTML Scan Result for a Host
```python
>>> r = s.get("https://localhost:5000/logs/get_html?target=127.0.0.1&key=<your_api_key>")
>>> print r.content[:1000]
>>> print(r.text[:1000])
<!DOCTYPE html>
<!-- THIS PAGE COPIED AND MODIFIED FROM http://bl.ocks.org/robschmuecker/7880033-->
<title>OWASP Nettacker Report</title>
Expand Down Expand Up @@ -707,7 +710,7 @@ To enable session-based requests, like (e.g. Python `requests.session()` or brow
### Get the Scan Result in JSON Type
```python
>>> r = s.get("https://localhost:5000/logs/get_json?target=owasp.org&key=<your_api_key>")
>>> print(json.dumps(json.loads(r.content), sort_keys=True, indent=4))
>>> print(json.dumps(r.json(), sort_keys=True, indent=4))
[
{
"DESCRIPTION": "443/http/TCP_CONNECT",
Expand Down
Loading