Pentest API

Programmatically create pentest jobs, poll their status, and retrieve results.

All endpoints require an API key, sent as a Bearer token in the Authorization header. See Authentication for details.

POST /api/pentest

Create a new pentest job.

Request Body

| Field | Type | Required | Description |
|---|---|---|---|
| targetUrl | string | Yes | The URL to scan |
| specUrl | string | No | OpenAPI/Swagger spec URL for API fuzzing |
| projectId | string | No | Link the pentest to a project |

Example

curl -X POST https://rorix.io/api/pentest \
  -H "Authorization: Bearer rxk_your_api_key" \
  -H "Content-Type: application/json" \
  -d '{
    "targetUrl": "https://example.com",
    "specUrl": "https://example.com/openapi.json"
  }'

Response

{
  "jobId": "job_xyz789",
  "status": "queued",
  "targetUrl": "https://example.com",
  "createdAt": "2026-03-22T10:00:00Z"
}

GET /api/pentest/{jobId}

Get the status and results of a pentest job.

Example

curl https://rorix.io/api/pentest/job_xyz789 \
  -H "Authorization: Bearer rxk_your_api_key"

Response

{
  "jobId": "job_xyz789",
  "status": "completed",
  "targetUrl": "https://example.com",
  "findings": [
    {
      "severity": "high",
      "name": "SQL Injection",
      "target": "https://example.com/api/users?id=1",
      "description": "Parameter 'id' is vulnerable to SQL injection.",
      "remediation": "Use parameterized queries instead of string concatenation."
    }
  ],
  "summary": {
    "critical": 0,
    "high": 1,
    "medium": 2,
    "low": 3,
    "info": 5
  },
  "completedAt": "2026-03-22T10:05:00Z"
}
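
The create-then-poll flow across the two endpoints above, as an added example (not Rorix's own client code): it creates a job, polls until `status` is `completed`, and returns the severities from `summary` that should fail a CI run. The environment variable name `RORIX_API_KEY`, the poll interval and cap, and the `fail_on` threshold are assumptions; the page shows only the `queued` and `completed` statuses.

```python
import json
import os
import time
import urllib.parse
import urllib.request

BASE = "https://rorix.io/api/pentest"
SEVERITY_ORDER = ["info", "low", "medium", "high", "critical"]  # keys of "summary"


def http_call(method, url, body=None):
    """Send one authenticated request; the key comes from the environment, not the script."""
    headers = {"Authorization": "Bearer " + os.environ["RORIX_API_KEY"]}  # assumed variable name
    data = None
    if body is not None:
        data = json.dumps(body).encode()
        headers["Content-Type"] = "application/json"
    req = urllib.request.Request(url, data=data, headers=headers, method=method)
    with urllib.request.urlopen(req, timeout=30) as resp:
        return json.load(resp)


def run_pentest(target_url, spec_url=None, call=http_call, interval=15, max_polls=80, sleep=time.sleep):
    """Create a job, then poll GET /api/pentest/{jobId} until status is "completed"."""
    body = {"targetUrl": target_url}
    if spec_url:
        body["specUrl"] = spec_url
    job = call("POST", BASE, body)
    job_path = urllib.parse.quote(job["jobId"], safe="")  # never splice a raw id into a URL
    for _ in range(max_polls):
        result = call("GET", f"{BASE}/{job_path}")
        if result["status"] == "completed":
            return result
        sleep(interval)
    # Only "queued" and "completed" appear on the page, so any other status
    # is treated as "not finished yet" and bounded by max_polls (assumption).
    raise TimeoutError(f"job {job['jobId']} not completed after {max_polls} polls")


def gate(result, fail_on="high"):
    """Return the severities at or above `fail_on` that have findings (empty list = pass)."""
    threshold = SEVERITY_ORDER.index(fail_on)
    summary = result.get("summary", {})
    return [s for s in SEVERITY_ORDER[threshold:] if summary.get(s, 0) > 0]


if __name__ == "__main__":
    blocked = gate(run_pentest("https://example.com", "https://example.com/openapi.json"))
    raise SystemExit(f"blocking findings: {blocked}" if blocked else 0)
```
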

GET /api/pentest/history

List past pentest jobs for the authenticated organization.

Query Parameters

| Parameter | Type | Default | Description |
|---|---|---|---|
| projectId | string | — | Filter by project |
| limit | number | 20 | Number of results to return |
| offset | number | 0 | Pagination offset |

Example

curl "https://rorix.io/api/pentest/history?limit=10" \
  -H "Authorization: Bearer rxk_your_api_key"

Response

{
  "jobs": [
    {
      "jobId": "job_xyz789",
      "status": "completed",
      "targetUrl": "https://example.com",
      "findingsCount": 11,
      "createdAt": "2026-03-22T10:00:00Z",
      "completedAt": "2026-03-22T10:05:00Z"
    }
  ],
  "total": 1
}