ModernPentestModernPentest

API Overview

Integrate ModernPentest into your workflows with our REST API

API Overview

The ModernPentest API allows you to programmatically manage applications, trigger scans, and retrieve results.

Base URL

https://api.modernpentest.com/v1

Features

  • RESTful design - Standard HTTP methods and status codes
  • JSON responses - All responses in JSON format
  • Rate limiting - Fair usage limits with clear headers
  • Webhooks - Real-time event notifications

Quick Start

1. Get Your API Key

  1. Go to Settings > API Keys
  2. Click Generate New Key
  3. Copy and securely store your key

API keys provide full access to your account. Never share them or commit them to version control.

2. Make Your First Request

curl -X GET https://api.modernpentest.com/v1/applications \
  -H "Authorization: Bearer YOUR_API_KEY"

3. Response

{
  "data": [
    {
      "id": "app_123",
      "name": "My Application",
      "url": "https://app.example.com",
      "status": "active",
      "last_scan": "2025-01-15T10:00:00Z"
    }
  ],
  "meta": {
    "total": 1,
    "page": 1,
    "per_page": 20
  }
}

API Endpoints

Authentication

API key management and security best practices

Applications

Create, update, and manage applications

Scans

Start scans and monitor progress

Vulnerabilities

Retrieve and manage vulnerability findings

Reports

Generate and download reports

Webhooks

Configure real-time event notifications

Common Patterns

Pagination

List endpoints support pagination:

GET /applications?page=2&per_page=50

Response includes metadata:

{
  "data": [...],
  "meta": {
    "total": 150,
    "page": 2,
    "per_page": 50,
    "total_pages": 3
  }
}

Filtering

Filter results with query parameters:

GET /vulnerabilities?severity=critical&status=open

Error Handling

Errors follow a consistent format:

{
  "error": {
    "code": "VALIDATION_ERROR",
    "message": "Invalid application ID",
    "details": {
      "field": "application_id",
      "reason": "must be a valid UUID"
    }
  }
}

Rate Limits

PlanRequests/minRequests/day
Starter6010,000
Professional12050,000
Enterprise600Unlimited

Rate limit headers included in every response:

X-RateLimit-Limit: 60
X-RateLimit-Remaining: 45
X-RateLimit-Reset: 1705312800

Error Codes

CodeHTTP StatusDescription
UNAUTHORIZED401Invalid or missing API key
FORBIDDEN403Insufficient permissions
NOT_FOUND404Resource not found
VALIDATION_ERROR422Invalid request body
RATE_LIMITED429Too many requests
INTERNAL_ERROR500Server error

SDKs

Official SDKs coming soon:

  • Python
  • Node.js
  • Go

Support

Last updated: December 7, 2025

Authentication

API authentication and key management

On this page

API OverviewBase URLFeaturesQuick Start1. Get Your API Key2. Make Your First Request3. ResponseAPI EndpointsCommon PatternsPaginationFilteringError HandlingRate LimitsError CodesSDKsSupport