{"id":20382625,"url":"https://github.com/archerysec/archerysec-api-doc","last_synced_at":"2025-10-07T01:05:35.215Z","repository":{"id":39874508,"uuid":"117414282","full_name":"archerysec/archerysec-api-doc","owner":"archerysec","description":"Archery Tool API documentation","archived":false,"fork":false,"pushed_at":"2022-10-19T13:14:01.000Z","size":312,"stargazers_count":4,"open_issues_count":7,"forks_count":5,"subscribers_count":3,"default_branch":"master","last_synced_at":"2025-04-12T08:54:14.679Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/archerysec.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2018-01-14T08:27:23.000Z","updated_at":"2024-03-14T10:31:37.000Z","dependencies_parsed_at":"2022-09-21T03:02:32.269Z","dependency_job_id":null,"html_url":"https://github.com/archerysec/archerysec-api-doc","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/archerysec/archerysec-api-doc","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/archerysec%2Farcherysec-api-doc","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/archerysec%2Farcherysec-api-doc/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/archerysec%2Farcherysec-api-doc/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/archerysec%2Farcherysec-api-doc/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/archerysec","download_url":"https://codeload.github.com/archerysec/archerysec-api-doc/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/archerysec%2Farcherysec-api-doc/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":278703699,"owners_count":26031234,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-06T02:00:05.630Z","response_time":65,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-15T02:18:21.814Z","updated_at":"2025-10-07T01:05:35.188Z","avatar_url":"https://github.com/archerysec.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"---\ntitle: Archery API Reference\n\nlanguage_tabs: # must be one of https://git.io/vQNgJ\n - shell\n\n\ntoc_footers:\n - \u003ca href='https://github.com/anandtiwarics/archerysec/'\u003eSign Up for a Contribution\u003c/a\u003e\n - \u003ca href='https://github.com/lord/slate'\u003eDocumentation Powered by Slate\u003c/a\u003e\n\nincludes:\n - errors\n\nsearch: true\n---\n\n# Introduction\n\n```shell\n _ \n /\\ | | \n / \\ _ __ ___| |__ ___ _ __ _ _ \n / /\\ \\ | '__/ __| '_ \\ / _ \\ '__| | | |\n / ____ \\| | | (__| | | | __/ | | |_| |\n /_/ \\_\\_| \\___|_| |_|\\___|_| \\__, |\n __/ |\n |___/ \n \n```\n\nWelcome to the Archery Tool API! You can use our API to access Archery Tool API endpoints, which can help you to launch scan and manage vulnerabilities.\n\nThe API is organized around REST. All request and response bodies, including errors, are encoded in JSON.\n\n\nTo play around with a few examples, we recommend a REST client called Postman. Simply tap the button below to import a pre-made collection of examples.\n\n[![Run in Postman](https://run.pstmn.io/button.svg)](https://www.getpostman.com/collections/:collection_id?)\n\n\n### Note\n\nArchery tool and Documentation is still **in-progress**. When i have free-time, i will improve documentation.\n\n# Authentication\n\n\u003e To authorize, use this code:\n\n```shell\n# With shell, you can just pass the correct header with each request\n\ncurl http://localhost:8000/api-token-auth/ \\\n -X POST \\\n -H \"Content-Type: application/json\" \\\n -d '{\"username\":\"admin\",\"password\":\"admin@123\"}' \n \n```\n\n\u003e The above command returns JSON structured like this:\n\n```json\n[\n {\n \"token\":\"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9\n .eyJ1c2VybmFtZSI6ImFkbWluIiwidXNlcl9pZCI6MSwiZW1haW\n wiOiIiLCJleHAiOjE1MTU4NzQxNDR9.3Oy0ga2jp3\n A8Pjh0T87LZijBh-M94z-mgjZ06j-mI0w\"\n }\n]\n\n```\n\nProvide your Archery tool credential in order to get the authentication token which will use for all further API calls. \n\n\n### Query Parameters\n\nParameter | Required| Description\n--------- | ------- | -------------------|\n`username` | Yes |Provide your username. \n`password` | Yes |Provide your password.\n\n\n# Projects\n\n## Get All Projects\n\n\n```shell\ncurl http://localhost:8000/api/project/ \\\n -H \"Content-Type: application/json\" \\\n -H \"Authorization: JWT token\"\n```\n\n\u003e The above command returns JSON structured like this:\n\n```json\n\n[\n {\n \"project_id\":\"cf8ca247-dde3-445c-bfee-07366d7c6136\",\n \"project_name\":\"ASDF\",\n \"project_disc\":\"ASD\",\n \"project_start\":\"2018-01-11\",\n \"project_end\":\"2018-01-09\",\n \"project_owner\":\"SDF\"\n }\n]\n\n```\n\nGet the list of all projects and create projects using API. Archery tool has the ability to manage your projects and their scans. We can create projects bin where we are performing scans.\n\nUse the project list API to get the all available projects in Archery Tool.\n\n\nNow in order to access protected api urls you must include the `Authorization: JWT \u003cyour_token\u003e` header.\n\n\u003caside class=\"notice\"\u003e\nYou must replace \u003ccode\u003eToken\u003c/code\u003e with your personal API token.\n\u003c/aside\u003e\n\n\n## Create Project\n\n```shell\n\ncurl http://localhost:8000/api/project/ \\\n -X POST \\\n -H \"Content-Type: application/json\" \\\n -H \"Authorization: JWT token\" \\\n -d '{\"project_name\":\"ASDF\",\n \"project_disc\":\"ASD\",\n \"project_start\":\"2018-01-11\",\n \"project_end\":\"2018-01-09\",\n \"project_owner\":\"SDF\"}'\n\n```\n\n\n\u003e The above command returns JSON structured like this:\n\n```json\n[\n {\n \"message\":\"Project Created\"\n }\n]\n```\n\n\nCreate a new project for an account. Project name and project description is required field to create new project. Others are optional and may you leave empty.\n\n\n### Query Parameters\n\nParameter | Required| Description\n--------- | ------- | -------------------|\nproject_name | Yes |Provide the project Name. Archery including all projects name is required to create new porject.\nproject_disc | Yes |Project Description. Provide proper descriptions about the project for understanding\nproject_start | Optional | Project start date. This parameter is optional.\nproject_end | Optional | Project end date. This parameter is optional\nproject_owner | Optional | Tag a Owner of the project. This Parameter is optional.\n\n\n# Web Scan\n\n## Get All Web Scans\n\n\n```shell\ncurl http://localhost:8000/api/webscan/ \\\n -H \"Content-Type: application/json\" \\\n -H \"Authorization: JWT token\"\n```\n\n\n\u003e The above command returns JSON structured like this:\n\n```json\n[\n {\n \"scan_url\": \"http://demo.testfire.net\",\n \"project_id\": \"93a102fe-0d16-465b-b487-f331af1bfb9b\",\n \"scan_scanid\": \"4f47616d-2b97-4ba2-a483-1a963de7e6c3\",\n \"vul_status\": 100,\n \"total_vul\": \"230\",\n \"high_vul\": \"5\",\n \"medium_vul\": \"60\",\n \"low_vul\": \"165\",\n \"date_created\": \"2018-01-11T09:01:11.851000Z\",\n \"date_modified\": \"2018-01-11T09:01:11.858000Z\"\n },\n {\n \"scan_url\": \"http://demo.testfire.net\",\n \"project_id\": \"93a102fe-0d16-465b-b487-f331af1bfb9b\",\n \"scan_scanid\": \"23ac9336-42f4-4752-a2b1-5ac73a1d9af4\",\n \"vul_status\": 100,\n \"total_vul\": \"230\",\n \"high_vul\": \"5\",\n \"medium_vul\": \"61\",\n \"low_vul\": \"164\",\n \"date_created\": \"2018-01-11T09:01:11.851000Z\",\n \"date_modified\": \"2018-01-11T09:01:11.858000Z\"\n }\n]\n```\n\nThis endpoint retrieves all webscans results. Archery performing webscans and if you want to list down all available scans, you can use this API. This is simple HTTP get request which list down all your web scans. \n\n### HTTP Request\n\n`GET http://localhost:8000/api/webscan/`\n\n\n\n\u003c!-- \u003caside class=\"success\"\u003e\nauthenticated\n\u003c/aside\u003e --\u003e\n\n## Launch Web Scan\n\n\n```shell\ncurl http://localhost:8000/api/webscan/ \\\n -X POST \\\n -H \"Content-Type: application/json\" \\\n -H \"Authorization: JWT token\" \\\n -d '{\"scan_url\":\"http://example.com\",\"project_id\":\"project_id\"}'\n \n```\n\n\n\u003e The above command returns JSON structured like this:\n\n```json\n[\n {\n \"message\":\"Scan Launched\"\n }\n]\n```\n\nThe API endpoint use for Launch the scans. You can provide all required input and scan will be launched.\n\n\u003c!-- \u003caside class=\"warning\"\u003eInside HTML code blocks like this one, you can't use Markdown, so use \u003ccode\u003e\u0026lt;code\u0026gt;\u003c/code\u003e blocks to denote code.\u003c/aside\u003e --\u003e\n\n### HTTP Request\n\n`POST http://localhost:8000/api/webscan/`\n\n### URL Parameters\n\nParameter | Required| Description\n--------- | -----------| ------\nscan_url | Yes | Provide the scan target URL \nproject_id | Yes | Provide Project ID \n\n## Get Scan Results\n\n```shell\n\ncurl http://localhost:8000/api/webscanresult/ \\\n -X POST \\\n -H \"Content-Type: application/json\" \\\n -H \"Authorization: JWT token\" \\\n -d '{\"scan_id\":\"a20b9c2e-1bd0-4a69-8771-67c023a3b96b\"}'\n\n```\n\n\u003e The above command returns JSON structured like this:\n\n```json\n\n[\n {\n \"scan_id\": \"6706074e-9fb9-48b8-96f9-b2500eba7bff\",\n \"project_id\": \"4cdf22f5-2edd-4615-8290-bbfcc06421e2\",\n \"url\": \"http://127.0.0.1:8008/webscanners/\",\n \"vuln_id\": \"e4f0091c-2bc7-4e7a-bd07-47b68f0f51f3\",\n \"confidence\": \"Medium\",\n \"wascid\": \"0\",\n \"cweid\": \"0\",\n \"risk\": \"Informational\",\n \"reference\": \"https://www.owasp.org/index.php/Web_Application_Security_Testing_Cheat_Sheet\",\n \"name\": \"User Agent Fuzzer\",\n \"solution\": \"\",\n \"param\": \"Header User-Agent\",\n \"evidence\": \"\",\n \"sourceid\": \"1\",\n \"pluginId\": \"10104\",\n \"other\": \"\",\n \"attack\": \"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1)\",\n \"messageId\": \"297\",\n \"method\": \"GET\",\n \"alert\": \"User Agent Fuzzer\",\n \"ids\": \"\",\n \"description\": \"Check for differences in response based on fuzzed User Agent (eg. mobile sites, access as a Search Engine Crawler). Compares the response statuscode and the hashcode of the response body with the original response.\",\n \"req_res\": \"\",\n \"note\": \"\",\n \"rtt\": \"5\",\n \"tags\": \"[]\",\n \"timestamp\": \"1517461799789\",\n \"responseHeader\": \"HTTP/1.0 200 OK\\r\\nDate: Thu, 01 Feb 2018 05:09:59 GMT\\r\\nServer: WSGIServer/0.1 Python/2.7.13\\r\\nVary: Cookie\\r\\nX-Frame-Options: SAMEORIGIN\\r\\nContent-Type: text/html; charset=utf-8\\r\\nContent-Length: 2630\\r\\nSet-Cookie: csrftoken=15coi19x5Tb4QklEg614BhFRUKOgvb2dMStqmUOc6c2yLlMsJ2e29lFr5GKgmP4a; expires=Thu, 31-Jan-2019 05:09:59 GMT; Max-Age=31449600; Path=/\\r\\n\\r\\n\",\n \"requestBody\": \"\",\n \"responseBody\": \"\u003c!DOCTYPE html\u003e\\n\u003chtml lang=\\\"en\\\"\u003e\\n\\n\u003chead\u003e\\n \u003ctitle\u003eArchery\u003c/title\u003e\\n \u003clink rel=\\\"icon\\\" href=\\\"/static/logo.png\\\" type=\\\"image/x-icon\\\"\u003e\\n \u003cmeta charset=\\\"UTF-8\\\"/\u003e\\n \u003cmeta name=\\\"viewport\\\" content=\\\"width=device-width, initial-scale=1.0\\\"/\u003e\\n \u003clink rel=\\\"stylesheet\\\" href=\\\"/static/css/bootstrap.min.css\\\"/\u003e\\n \u003clink rel=\\\"stylesheet\\\" href=\\\"/static/css/bootstrap-responsive.min.css\\\"/\u003e\\n \u003clink rel=\\\"stylesheet\\\" href=\\\"/static/css/archery-login.css\\\"/\u003e\\n \u003clink href=\\\"/static/font-awesome/css/font-awesome.css\\\" rel=\\\"stylesheet\\\"/\u003e\\n \u003clink href='http://fonts.googleapis.com/css?family=Open+Sans:400,700,800' rel='stylesheet' type='text/css'\u003e\\n\\n\u003c/head\u003e\\n\u003cbody\u003e\\n\u003cdiv id=\\\"loginbox\\\"\u003e\\n \u003cform id=\\\"loginform\\\" class=\\\"form-vertical\\\" action=\\\"/auth/\\\" method=\\\"POST\\\"\u003e\u003cinput type='hidden' name='csrfmiddlewaretoken' value='ZbUNJtjW8leoWQxYIvt1vzIqDygVFRw6KYbPNmYB9E5SRRYMbrGZ3DI0OucVwvy3' /\u003e\\n \u003cdiv class=\\\"control-group normal_text\\\"\u003e\u003ch3\u003e\u003cimg src=\\\"/static/archery.png\\\"\\n style=\\\"max-width:190px; margin-top: 10px;\\\" alt=\\\"\\\"/\u003e\u003c/h3\u003e\u003c/div\u003e\\n \u003cdiv class=\\\"control-group\\\"\u003e\\n \u003cdiv class=\\\"controls\\\"\u003e\\n \u003cdiv class=\\\"main_input_box\\\"\u003e\\n \u003cspan class=\\\"add-on bg_lg\\\"\u003e\u003ci class=\\\"icon-user\\\"\u003e \u003c/i\u003e\u003c/span\u003e\u003cinput type=\\\"text\\\" name=\\\"username\\\"\\n id=\\\"username\\\" tabindex=\\\"1\\\"\\n class=\\\"form-control\\\"\\n placeholder=\\\"Username\\\" value=\\\"\\\"\u003e\\n \u003c/div\u003e\\n \u003c/div\u003e\\n \u003c/div\u003e\\n \u003cdiv class=\\\"control-group\\\"\u003e\\n \u003cdiv class=\\\"controls\\\"\u003e\\n \u003cdiv class=\\\"main_input_box\\\"\u003e\\n \u003cspan class=\\\"add-on bg_ly\\\"\u003e\u003ci class=\\\"icon-lock\\\"\u003e\u003c/i\u003e\u003c/span\u003e\u003cinput type=\\\"password\\\" name=\\\"password\\\"\\n id=\\\"password\\\" tabindex=\\\"2\\\"\\n class=\\\"form-control\\\"\\n placeholder=\\\"Password\\\"\u003e\\n \u003c/div\u003e\\n \u003c/div\u003e\\n \u003c/div\u003e\\n \u003cdiv class=\\\"form-actions\\\"\u003e\\n\\n \u003cspan class=\\\"pull-right\\\"\u003e\u003cbutton class=\\\"btn btn-lg btn-primary \\\" type=\\\"submit\\\"\u003eSign in\u003c/button\u003e\u003c/span\u003e\\n \u003c/div\u003e\\n \u003c/form\u003e\\n\u003c/div\u003e\\n\\n\u003cscript src=\\\"/static/js/jquery.min.js\\\"\u003e\u003c/script\u003e\\n\u003cscript src=\\\"/static/js/archery.login.js\\\"\u003e\u003c/script\u003e\\n\u003c/body\u003e\\n\\n\u003c/html\u003e\\n\",\n \"requestHeader\": \"GET http://127.0.0.1:8008/webscanners/ HTTP/1.1\\r\\nUser-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1)\\r\\nPragma: no-cache\\r\\nCache-Control: no-cache\\r\\nContent-Length: 0\\r\\nCookie: _sm_au_c=iVVTtWtfRrV5RSSs13;JSESSIONID=4B9D9690;\\r\\nHost: 127.0.0.1:8008\\r\\n\\r\\n\",\n \"cookieParams\": \"_sm_au_c=iVVTtWtfRrV5RSSs13;JSESSIONID=4B9D9690;csrftoken=15coi19x5Tb4QklEg614BhFRUKOgvb2dMStqmUOc6c2yLlMsJ2e29lFr5GKgmP4a; expires=Thu, 31-Jan-2019 05:09:59 GMT; Max-Age=31449600; Path=/\",\n \"res_type\": \"3\",\n \"res_id\": \"297\",\n \"date_time\": null\n }\n]\n\n\n```\n\n\nThis endpoint retrieves vulnerability data for particular web scan. Archery performing web scan and if you want to list down all scan results of particular scan, you can use this API. This is simple HTTP post request which list down all your web scans data. \n\n### HTTP Request\n\n`POST http://localhost:8000/api/webscanresult/`\n\n### URL Parameters\n\nParameter | Required| Description\n--------- | -----------| ------\nscan_id | Yes | Provide the scan ID \n\n\n# Network Scans\n\n\n## Get All Network Scans\n\n```shell\n\ncurl \"http://localhost:8000/api/networkscan/\" \\\n -H \"Content-Type: application/json\" \\\n -H \"Authorization: JWT token\"\n\n```\n\n\u003e The above command returns JSON structured like this:\n\n```json\n[\n {\n \"scan_ip\": \"192.168.222.131\",\n \"project_id\": \"\",\n \"target_id\": \"c277f6e8-48ac-4245-bd66-6091d0f49d63\",\n \"scan_id\": \"6e0266f2-49af-49ab-917e-b8302a0bddc7\",\n \"scan_status\": \"100\",\n \"total_vul\": \"2365\",\n \"high_total\": \"344\",\n \"medium_total\": \"528\",\n \"low_total\": \"31\",\n \"date_created\": \"2018-01-11T09:01:11.269000Z\",\n \"date_modified\": \"2018-01-11T09:01:11.283000Z\"\n },\n {\n \"scan_ip\": \"192.168.222.131\",\n \"project_id\": \"93a102fe-0d16-465b-b487-f331af1bfb9b\",\n \"target_id\": \"e082a24e-5a95-43d1-bf13-1305c1c94e4e\",\n \"scan_id\": \"8aac9e08-7069-45f0-b7f3-491a3b667e6c\",\n \"scan_status\": \"100\",\n \"total_vul\": \"307\",\n \"high_total\": \"40\",\n \"medium_total\": \"67\",\n \"low_total\": \"5\",\n \"date_created\": \"2018-01-11T09:01:11.269000Z\",\n \"date_modified\": \"2018-01-11T09:01:11.283000Z\"\n }\n]\n\n\n```\n\n\nThis endpoint retrieves all network scan results. Archery performing network and if you want to list down all available scans, you can use this API. This is simple HTTP get request which list down all your network scans. \n\n### HTTP Request\n\n`GET http://localhost:8000/api/webscan/`\n\n## Scan Launch \n\n```shell\n\ncurl http://localhost:8000/api/networkscan/ \\\n -X POST \\\n -H \"Content-Type: application/json\" \\\n -H \"Authorization: JWT token\" \\\n -d '{\"scan_ip\":\"192.168.1.1\",\"project_id\":\"project_id\"}'\n\n```\n\n\u003e The above command returns JSON structured like this:\n\n```json\n\n[\n {\n \"message\":\"Scan Launched\"\n }\n]\n\n```\n\nThe API endpoint use for Launch the scans. You can provide all required input and scan will be launched.\n\n\u003c!-- \u003caside class=\"warning\"\u003eInside HTML code blocks like this one, you can't use Markdown, so use \u003ccode\u003e\u0026lt;code\u0026gt;\u003c/code\u003e blocks to denote code.\u003c/aside\u003e --\u003e\n\n### HTTP Request\n\n`POST http://localhost:8000/api/networkscan/`\n\n### URL Parameters\n\nParameter | Required| Description\n--------- | -----------| ------\nscan_ip | Yes | Provide the scan target IP \nproject_id | Yes | Provide Project ID \n\n## Get Scan Results\n\n```shell\n\ncurl http://localhost:8000/api/networkscanresult/ \\\n -X POST \\\n -H \"Content-Type: application/json\" \\\n -H \"Authorization: JWT token\" \\\n -d '{\"scan_id\":\"a20b9c2e-1bd0-4a69-8771-67c023a3b96b\"}'\n\n```\n\n\u003e The above command returns JSON structured like this:\n\n```json\n\n[\n {\n \"scan_id\": \"a20b9c2e-1bd0-4a69-8771-67c023a3b96b\",\n \"vul_id\": \"2a2b3c7a-f1cf-409c-8baf-d8d950cbab1f\",\n \"name\": \"'fckeditor' Connectors Arbitrary File Upload Vulnerability\",\n \"owner\": \"\",\n \"comment\": \"\",\n \"creation_time\": \"2018-01-05T15:35:03Z\",\n \"modification_time\": \"2018-01-05T15:35:03Z\",\n \"user_tags\": \"\",\n \"host\": \"192.168.222.133\",\n \"port\": \"general/tcp\",\n \"nvt\": \"\",\n \"scan_nvt_version\": \"\",\n \"threat\": \"Error\",\n \"severity\": \"-3.0\",\n \"qod\": \"\",\n \"description\": \"NVT timed out after 600 seconds.\",\n \"term\": \"\",\n \"keywords\": \"\",\n \"field\": \"\",\n \"filtered\": \"\",\n \"page\": \"\",\n \"vuln_color\": \"\",\n \"family\": \"Web application abuses\",\n \"cvss_base\": \"4.6\",\n \"cve\": \"NOCVE\",\n \"bid\": \"NOBID\",\n \"xref\": \"URL:http://www.fckeditor.net\",\n \"tags\": \"cvss_base_vector=AV:N/AC:H/Au:S/C:P/I:P/A:P|summary=Web applications providing a wrong configured 'fckeditor'\\n connectors might be prone to an arbitrary-file-upload vulnerability.|impact=An attacker may leverage this issue to upload arbitrary files to the\\n affected system\\n this can result in arbitrary code execution within the context of the vulnerable application.|solution=Check the config.php of this connector and make sure that no arbitrary file\\n extensions are allowed for uploading.|solution_type=Workaround|qod_type=remote_analysis\",\n \"banner\": \"remote_analysis\",\n \"date_time\": \"2018-02-01 13:57:09.607000+00:00\"\n },\n {\n \"scan_id\": \"a20b9c2e-1bd0-4a69-8771-67c023a3b96b\",\n \"vul_id\": \"155584f4-c9f1-4e40-95f7-bb5d893a0743\",\n \"name\": \"/doc directory browsable\",\n \"owner\": \"\",\n \"comment\": \"\",\n \"creation_time\": \"2018-01-05T14:07:12Z\",\n \"modification_time\": \"2018-01-05T14:07:12Z\",\n \"user_tags\": \"\",\n \"host\": \"192.168.222.131\",\n \"port\": \"80/tcp\",\n \"nvt\": \"\",\n \"scan_nvt_version\": \"\",\n \"threat\": \"Medium\",\n \"severity\": \"5.0\",\n \"qod\": \"\",\n \"description\": \"Vulnerable url: http://192.168.222.131/doc/\",\n \"term\": \"\",\n \"keywords\": \"\",\n \"field\": \"\",\n \"filtered\": \"\",\n \"page\": \"\",\n \"vuln_color\": \"\",\n \"family\": \"Web application abuses\",\n \"cvss_base\": \"5.0\",\n \"cve\": \"CVE-1999-0678\",\n \"bid\": \"318\",\n \"xref\": \"NOXREF\",\n \"tags\": \"cvss_base_vector=AV:N/AC:L/Au:N/C:P/I:N/A:N|solution=Use access restrictions for the /doc directory.\\n If you use Apache you might use this in your access.conf:\\n\\n \u003cDirectory /usr/doc\u003e\\n AllowOverride None\\n order deny,allow\\n deny from all\\n allow from localhost\\n \u003c/Directory\u003e|summary=The /doc directory is browsable.\\n /doc shows the content of the /usr/doc directory and therefore it shows which programs and - important! - the version of the installed programs.|solution_type=Mitigation|qod_type=remote_banner\",\n \"banner\": \"remote_banner\",\n \"date_time\": \"2018-02-01 13:57:09.646000+00:00\"\n }\n]\n\n\n```\n\n\nThis endpoint retrieves vulnerability data for particular Network scan. Archery performing Network scan and if you want to list down all scan results of particular scan, you can use this API. This is simple HTTP post request which list down all your Network scans data. \n\n### HTTP Request\n\n`POST http://localhost:8000/api/networkscanresult/`\n\n### URL Parameters\n\nParameter | Required| Description\n--------- | -----------| ------\nscan_id | Yes | Provide the scan ID \n\n\n\n\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Farcherysec%2Farcherysec-api-doc","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Farcherysec%2Farcherysec-api-doc","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Farcherysec%2Farcherysec-api-doc/lists"}