Get Started with Threatspy

We have devloped Threatspy for Developers & Security Engineers to efficiently detecting, prioritizing, and remediating security vulnerabilities in web applications and APIs. By using Threatspy, you can easily enhance the security of your applications and APIs, and we're thrilled that you've chosen to give it a go. We've put together a comprehensive guide that will help you get the most out of Threatspy and safeguard your applications and APIs.

Follow the steps below to get started:

Run Your First Scan

Follow this guide to get up and running with threatspyscan, the easiest way to scan your applications & API directly from dashboard. We will begin with adding the assets.

Steps

1. Add Assets: Point your Domain/IP to establish the ownership for your Digital Assets.
2. Verify Assets: Validate the ownership through any of the method ( DNS/ META/FILE)
3. Add Scan Profile: Add Scan Scope and Credentials after selecting one of the application Type.

Type: Web Application

1. Give scan profile name in ScanProfilename
2. Select the Credential Type in CredentialType from None/Authorization Header/Cookies.
3. To perform Authenticated scan provide Authorization header/Cookies value with name in respective fields.

Type: API

1. In API Defination: Upload the Swagger/Open API File.
2. Give scan profile name in ScanProfilename
3. Select the Credential Type in CredentialType from Authorization Token/Cookies.
4. Pass the Token/Cookie Name and Value in respective Fields.
5. Lets Get Started: Reconfirm the details entered in above steps and Submit.

Start Scan

From All Assets tabs select the type of scan out of Light and Deep and click on start scan button to begin the same.