Retrieve an attack vector for a vulnerability

get

https://sentinel.whitehatsec.com/api/vuln/{vuln_id}/attack_vector/{attack_vector_id}

This operation returns an object containing information about the specified attack vector (AV) and vulnerability (vuln). AV data can be shaped by the display parameters for this operation.

Path Params

vuln_id

int32

required

Vulnerability ID.

attack_vector_id

int32

required

Attack vector ID (multiple attack vector IDs not allowed).

Query Params

display_has_notes

string

enum

Defaults to 0

Display whether or not notes exist for this attack vector.

Allowed:

display_attack_vector_notes

string

enum

Defaults to 0

Display attack vector notes for this attack vector.

Allowed:

display_attack_vector_flagged

string

enum

Defaults to 0

Display the 'flagged' value for this attack vector.

Allowed:

display_attack_vector_scanner_tags

string

enum

Defaults to 0

Display scanner tags for each attack vector.

Allowed:

display_request

string

enum

Defaults to 1

Display attack vector (AV) request information. Displayed by default, but can be omitted from output by setting this flag to 0.

Allowed:

display_response

string

enum

Defaults to 1

Display attack vector (AV) response information. Displayed by default, but can be omitted from output by setting this flag to 0.

Allowed:

display_body

string

enum

Defaults to 0

Display attack vector response body. Response body data returned may be quite large. Note that if display_response=0, this param is meaningless.

Allowed:

display_body_match

string

enum

Defaults to 0

Display attack vector response body match. The body match is a portion of the body. Body match data returned may be quite large, and will include a HTML-tagged highlight of the vulnerability. Note that if display_response=0, this param is meaningless.

Allowed:

display_abbr

string

enum

Defaults to 0

Display an abbreviated body match as part of the attack vector response content. PREREQUISITE: display_body=1

Allowed:

display_headers

string

enum

Defaults to 1

Display attack vector request and response headers. Displayed by default, but can be omitted from output by setting this flag to 0. Note that this param is meaningless if display_request=0 and display_response=0, since headers are a part of these.

Allowed:

display_param

string

enum

Defaults to 1

Display attack vector request parameter name and value. Displayed by default, but can be omitted from output by setting this flag to 0. Note that if display_request=0, this param is meaningless.

Allowed:

format

string

enum

Defaults to xml

Requested resource format for the response.

Allowed:

Headers

string

enum

Defaults to application/json

Generated from available response content types

Allowed:

Responses

400

BadRequestResponse indicates a request with invalid parameters.

401

UnauthorizedResponse signals an unauthorized API access.

403

ForbiddenResponse signals a request for a resource that does not exist or is not authorized.

500

GenericError generic error.

Language

Response

Choose an example:

application/json

application/xml

200Provides data for the specified attack vector (AV) and vulnerability (vuln). AV data can be shaped by the display parameters listed here.