Engine Commands - COS301-SE-2025/API-Threat-Assessment-Tool GitHub Wiki
Rehister New User
{
"command": "auth.register",
"data":
{
"username": "string",
"password": "string",
"email": "string"
}
}
Response:
-
status = 200 if successful
-
data = none
-
status = 400 if not successful
-
data = error message
Description:
- Creates a new user
Check User Login
{
"command": "auth.login",
"data":
{
"username": "string",
"password": "string"
}
}
Response:
-
status = 200 if successful
-
data = { "user_id": "string" }
-
status = 400 if not successful
-
data = none
Description:
- Validates the user's login credentials
Login with Google
{
"command": "auth.google",
"data":
{
"token": "string"
}
}
Response:
-
status = 200 if successful
-
data = { "user_id": "string" }
-
status = 400 if not successful
-
data = none
Description:
- Logs user in using a Google OAuth token
Logout
{
"command": "auth.logout",
"data": {}
}
Response:
- status = 200 if successful
- data = none
Description:
- Logs the current user out
Dashboard Overview
{
"command": "dashboard.overview",
"data": {}
}
Response:
- status = 200
- data = { "overview_data": ... }
Description:
- Returns system-wide overview information for dashboard display
Dashboard Metrics
{
"command": "dashboard.metrics",
"data": {}
}
Response:
- status = 200
- data = { "metrics": ... }
Description:
- Returns scan and usage metrics for dashboard
Dashboard Alerts
{
"command": "dashboard.alerts",
"data": {}
}
Response:
- status = 200
- data = { "alerts": [...] }
Description:
- Returns alerts such as scan failures or findings
Get All APIs
{
"command": "apis.get_all",
"data": {"user_id": "string"}
}
Response:
- status = 200
- data = [ { "api_id": "string", "name": "string", ... }, ... ]
Description:
- Retrieves all APIs managed by the daemon for a particular user
Create API
{
"command": "apis.create",
"data": {
"name": "string",
"description": "string",
"file": "specification file"
}
}
Response:
- status = 200
- data = { "api_id": "string" }
Description:
- Creates a new API record
Get API Details
{
"command": "apis.details",
"data": {
"api_id": "string"
}
}
Response:
- status = 200
- data = { "name": "string", "endpoints": [...], ... }
Description:
- Returns metadata and endpoints for a specific API
Update API
{
"command": "apis.update",
"data": {
"api_id": "string",
"name": "string",
"description": "string"
}
}
Response:
- status = 200
- data = none
Description:
- Updates an existing API's metadata
Delete API
{
"command": "apis.delete",
"data": {
"api_id": "string"
}
}
Response:
- status = 200
- data = none
Description:
- Deletes a specific API
Import API from File
{
"command": "apis.import_file",
"data": {
"file": "file"
}
}
Response:
- status = 200
- data = { "api_id": "string" }
Description:
- Loads an OpenAPI specification from a local file
Import API from URL
{
"command": "apis.import_url",
"data": {
"url": "string"
}
}
Response:
- status = 200
- data = { "api_id": "string" }
Description:
- Fetches and loads an OpenAPI specification from a URL
List API Endpoints
{
"command": "endpoints.list",
"data": {
"api_id": "string"
}
}
Response:
- status = 200
- data = [ { "id": "string", "path": "string", ... }, ... ]
Description:
- Returns all endpoints for a given API
Get Endpoint Details
{
"command": "endpoints.details",
"data": {
"endpoint_id": "string"
}
}
Response:
- status = 200
- data = { "id": "string", "path": "string", "tags": [...], ... }
Description:
- Retrieves detailed information about a specific endpoint
Add Endpoint Tags
{
"command": "endpoints.tags.add",
"data": {
"endpoint_id": "string",
"tags": ["string", ...]
}
}
Response:
- status = 200
- data = none
Description:
- Adds tags to an endpoint
Remove Endpoint Tags
{
"command": "endpoints.tags.remove",
"data": {
"endpoint_id": "string",
"tags": ["string", ...]
}
}
Response:
- status = 200
- data = none
Description:
- Removes specific tags from an endpoint
Replace Endpoint Tags
{
"command": "endpoints.tags.replace",
"data": {
"endpoint_id": "string",
"tags": ["string", ...]
}
}
Response:
- status = 200
- data = none
Description:
- Replaces all tags associated with an endpoint
List All Tags
{
"command": "tags.list",
"data": {}
}
Response:
- status = 200
- data = [ "tag1", "tag2", ... ]
Description:
- Returns a list of all known tags in the system
Create Scan
{
"command": "scan.create",
"data": {
"client_id": "string",
"scan_profile": "string"
}
}
Response:
- status = 200
- data = { "scan_id": "string", "results_count": number }
Description:
- Creates a scan for a given API and runs associated vulnerability tests
Get Scan Results
{
"command": "scan.results",
"data": {
"scan_id": "string"
}
}
Response:
- status = 200
- data = [ { "endpoint": "string", "result": { ... } }, ... ]
Description:
- Retrieves the results of a completed scan
Start Scan
{
"command": "scan.start",
"data": {
"scan_id": "string"
}
}
Response:
- status = 200
- data = none
Description:
- Starts an existing paused/pending scan
Stop Scan
{
"command": "scan.stop",
"data": {
"scan_id": "string"
}
}
Response:
- status = 200
- data = none
Description:
- Stops a running scan
List All Scans
{
"command": "scan.list",
"data": {}
}
Response:
- status = 200
- data = [ { "scan_id": "string", "status": "running|completed", ... } ]
Description:
- Lists all scans run or scheduled
List All Templates
{
"command": "templates.list",
"data": {}
}
Response:
- status = 200
- data = [ { "id": "string", "name": "string", ... } ]
Description:
- Returns available scan templates
Get Template Details
{
"command": "templates.details",
"data": {
"template_id": "string"
}
}
Response:
- status = 200
- data = { "id": "string", "description": "string", ... }
Description:
- Retrieves full details about a template
Use Template
{
"command": "templates.use",
"data": {
"template_id": "string",
"api_id": "string"
}
}
Response:
- status = 200
- data = { "results_count": number }
Description:
- Uses a template to run a predefined scan
Get User Profile
{
"command": "user.profile.get",
"data": {}
}
Response:
- status = 200
- data = { "username": "string", "role": "string", ... }
Description:
- Retrieves profile data for the logged-in user
Update User Profile
{
"command": "user.profile.update",
"data": {
"username": "string",
"email": "string"
}
}
Response:
- status = 200
- data = none
Description:
- Updates the profile details of the current user
Get User Settings
{
"command": "user.settings.get",
"data": {}
}
Response:
- status = 200
- data = { "notifications": true, ... }
Description:
- Gets current user preferences/settings
Update User Settings
{
"command": "user.settings.update",
"data": {
"notifications": true
}
}
Response:
- status = 200
- data = none
Description:
- Updates the user settings
List All Reports
{
"command": "reports.list",
"data": {}
}
Response:
- status = 200
- data = [ { "report_id": "string", "date": "string", ... } ]
Description:
- Lists all vulnerability reports
Get Report Details
{
"command": "reports.details",
"data": {
"report_id": "string"
}
}
Response:
- status = 200
- data = { "summary": "string", "findings": [...] }
Description:
- Gets full contents of a specific report
Download Report
{
"command": "reports.download",
"data": {
"report_id": "string",
"report_type": "technical|executive"
}
}
Response:
- status = 200
- data = { "report": "base64 or text" }
Description:
- Generates and returns a download of the selected report type
Connection Test
{
"command": "connection.test",
"data": {}
}
Response:
- status = 200
- data = { "message": "Connection Established" }
Description:
- Used to test whether the daemon is reachable and responsive
Ascii Art
.==.
()''()-.
.---. ;--; /
.'_:___". _..'. __'.
|__ --==|'-''' \'...;
[ ] :[| |---\
|__| I=[| .' '.
/ / ____| : '._
|-/.____.' | : :
snd /___\ /___\ '-'._----'
__
.-.__ \ .-. ___ __
|_| '--.-.-( \/\;;\_\.-._______.-.
(-)___ \ \ .-\ \;;\( \ \ \
Y '---._\_((Q)) \;;\\ .-\ __(_)
I __'-' / .--.((Q))---' \,
I ___.-: \| | \'-'_ \
A .-' \ .-.\ \ \ \ '--.__ '\
| |____.----((Q))\ \__|--\_ \ '
( ) '-' \_ : \-' '--.___\
Y \ \ \ \(_)
I \ \ \ \,
I \ \ \ \
A \ \ \ '\
| snd \ \__| '
\_:. \
\ \ \
\ \ \
\_\_|