Skip to main content
Run one or multiple scan tools on a given target (e.g., dns, ports, ssl, headers, whois).
Requires a valid authentication token in the AUTH header.

Headers

AUTH
string
required
Authentication token (JWT) obtained from the /auth/login endpoint

Request Body

target
string
required
The domain to scan with http or https prefix
scans
array
required
List of scan types to perform.
Available values: dns, ports/!\ These tools are still work in progress, new tools will be added soon.

Example Request

curl -X POST "https://api.scorton.tech/scans/" \
  -H "AUTH: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..." \
  -H "Content-Type: application/json" \
  -d '{
    "target": "example.com",
    "scans": ["dns", "ports", "ssl"]
  }'

## Example Response

```json
{
  "target": "https://scorton.tech",
  "performed_scans": ["type1", "type2"],
  "results": {
    "type1": {
        "data": "example data"
    },
    "type2": {
        "data": "example data"
    },
  }
}

Success Response

StatusDescription
200Returns the scan results

Error Responses

StatusDescriptionExample
400Missing or invalid argument{ "detail": "Bad request: Missing target." }, { "detail": "Bad Request: No scan types specified." }
401Missing or invalid token{ "detail": "Unauthorized: Invalid or expired token." }
403Account not validated yet{ "detail": "Forbidden: Account is not validated yet." }
404User not found{ "detail": "Not Found: User does not exist." }