Why BLACKBIRD Web App Pentesting Suite

The web application pentesting suite for penetration testers

Community

Blog

Product& API Documentation | BLACKBIRD Technologies (Formerly NOVA SECURITY)

API Reference

Dashboard

Customer Support

There are several reasons why it'd be a more wise decision to choose us above any other alternative. This page outlines all of the reasons why.

BLACKBIRD Web App Pentesting Suite is a complete toolkit for penetration testers and security professionals who want to save time and find more security vulnerabilities by leveraging the latest attack techniques derived from the competitive and ever-evolving bug bounty world.

Introduction

Common terminologies and definitions used on BLACKBIRD Web App Pentesting Suite

Glossary

This page describes how you can scan your list of targets for security vulnerabilities using BLACKBIRD Web Security Vulnerability Scanner

BLACKBIRD Web Security Vulnerability Scanner

In this article, we will go over how you can easily start a recon scan on your list of targets or target definition to map out as many hosts & live hosts as possible.

Launching a Recon Scan

In this article, we will go over how you can easily start a deep scan on your list of target URLs or even a target definition to uncover vulnerabilities.

Launching a Deep Scan

Out-of-band &#x28;OOB&#x29; Server is your personal private OOB server to receive invocations on for Out-of-band Application Security Testing &#x28;OAST&#x29;

OOB Server

Callback Server is your personal private Callback Server to help you scan for Blind Cross-Site Scripting &#x28;XSS&#x29; vulnerabilities.

OOB Callback Server

WAYPOINTS is a scalable solution to define your own personalized scan rules to look for security vulnerabilities on your organisation's or company's network.

WAYPOINTS Template-based Scanner

**Templates** or **Scan Rules** are predefined JSON objects to instruct WAYPOINTS to look for security vulnerabilities across your organisation's or company's network. In this guide we will go over what templates (or scan rules) are.

What is a WAYPOINTS template or scan rule?

**Templates** or **Scan Rules** are predefined JSON objects to instruct WAYPOINTS to look for security vulnerabilities across your organisation's or company's network. In this guide I will go over how you can create your private template.

Creating a WAYPOINTS template

Nova Security provides an extensive API to start, delete, and view scans at any time.

Authentication

API Status

Retrieve your account statistics by resource

Clear Notifications

Retrieve a list of all the hosts found on all target

Retrieve a list of all live hosts found on all target

Retrieve a list of all the latest reported hosts

Retrieve a list of all the latest reported live hosts

Retrieve all live hosts of a specific target

Create Target Definiton

Delete Target Definitions

Launch a Quick Scan

Initiate a new host discovery scan on your specific target

Launch a Deep Scan

Delete Deep Scans

Start SUBDOMAINX Scan

Start CNAME X Scan

Initiate a Cross-Origin Resource Sharing misconfiguration scan

Start SPIDER X Scan

Start an Open URL Redirect (CWE-601) Scan

Start REDIRECT X Scan

Start a Cross-Site Scripting (CWE-79) Scan

Start XSSCANNER Scan

Schedule a host discovery scan to run periodically

Retrieve the next current time your scan will be scheduled

Retrieve results of all host discovery scans performed on a specific target

Retrieve results of a specific host discovery scan performed on a specific target

Delete Target Scans

Retrieve all host discovery results for all your targets

Retrieve the current scan status by scanId

Retrieve all scan results for a specific scanner

Delete Scan Results

Delete Multiple Scans

Retrieve a list of vulnerabilities found on your target

Getting Started

Web Security Vulnerability Scanner

Private Out-of-Band (OOB) Server

WAYPOINTS

Why BLACKBIRD Web App Pentesting Suite