NOTE: this API is only available to On-demand scan subscribers. Contact us for details.
Ondemand Scope Domain Bulk API
NOTE: this API is available from development endpoint only.
This API is used to launch an active scan against the given list of domain names. DNS enumeration will be performed at this stage, and all FQDNs with DNS resolution will be scanned. When launched, a Scan ID will be given back to you. This Scan ID can be used to track current scan result or to fetch past scan results.
Using curl
curl -H 'Content-Type: application/json' -H 'Authorization: bearer YOUR_APIKEY' -XPOST 'https://www.onyphe.io/api/v2/dev/ondemand/scope/domain/bulk' -d '{ "domain":"DOMAIN1.TLD,DOMAIN2.TLD,DOMAIN3.TLD" }'
Available parameters
- maxscantime: default to 120 seconds
- urlscan: turn on or off urlscan stage (default to on)
- vulnscan: turn on or off vulnscan stage (default to on)
- import: turn on or off importing of results into ONYPHE or your private Elastic Stack (default to off)
NOTE: By importing results into ONYPHE, your results will become public. If you have your own Elastic Stack configured, results will be imported in your private Elastic Stack and will remain private. - ports: list of ports to scan, comma-separated list (default to ONYPHE’s scanned ports)
curl -H 'Content-Type: application/json' -H 'Authorization: bearer YOUR_APIKEY' -XPOST 'https://www.onyphe.io/api/v2/dev/ondemand/scope/domain/bulk' -d '{ "domain":"DOMAIN1.TLD,DOMAIN2.TLD,DOMAIN3.TLD", "import":"true", "vulnscan":"false","urlscan":"false", "ports":"80,443" }'
Using ONYPHE CLI
echo DOMAIN1.TLD > /tmp/domains.txt
echo DOMAIN2.TLD >> /tmp/domains.txt
echo DOMAIN3.TLD >> /tmp/domains.txt
onyphe -ondemand-scope-domain-bulk /tmp/domains.txt
Fetching scan results
See Ondemand Scope Result API.
Response codes
error: 0, text: 'Success'
error: 1, text: 'Unknown error'
error: 2, text: 'Invalid API key format'
error: 3, text: 'No API key given'
error: 4, text: 'Rate limit reached'
error: 5, text: 'Client not allowed'
error: 6, text: 'Scope type is unknown'
error: 7, text: 'Failed to parse scope'
error: 8, text: 'Target is undefined'
error: 9, text: 'Scan is already running'
error: 10, text: 'Cache query failed'
error: 11, text: 'Target has invalid format'
error: 12, text: 'Scan ID is undefined'
error: 13, text: 'Scan ID not found'
error: 14, text: 'Scan ID has no results'
error: 15, text: 'Scan ID has empty results'
error: 16, text: 'Scan ID has no scope'
error: 17, text: 'Target not allowed'
error: 18, text: 'License not allowed'
error: 19, text: 'No API key given'
error: 20, text: 'Error not found'
error: 21, text: 'Scan failed to start'
error: 22, text: 'maxscantime parameter must be an integer'
error: 23, text: 'urlscan parameter must be true or false'
error: 24, text: 'vulnscan parameter must be true or false'
error: 100, text: 'Scan ID not found'
error: 101, text: 'Scan ID has no scope file'
error: 102, text: 'Scan ID has an empty scope file'
error: 103, text: 'Scan ID is in progress'
error: 104, text: 'Scan ID has been killed'
error: 105, text: 'Scan ID has no DNS resolution'
error: 106, text: 'Scan ID has no open port'
error: 107, text: 'Scan ID has no application results'
error: 108, text: 'Scan ID has no result file'
error: 109, text: 'Scan ID has result file but is empty'
error: 110, text: 'Scan ID scope is of unknown type'
error: 111, text: 'Scan ID results are being built'