ModernPentestModernPentest

Reports

API endpoints for generating and downloading reports

Reports API

Generate and download security reports programmatically.

List Reports

GET /reports

Retrieve previously generated reports.

Query Parameters

ParameterTypeDescription
application_idstringFilter by application
typestringtechnical, executive, soc2, compliance
pageintegerPage number
per_pageintegerItems per page

Response

{
  "data": [
    {
      "id": "rpt_abc123",
      "type": "technical",
      "format": "pdf",
      "application_id": "app_abc123",
      "application_name": "Production App",
      "scan_id": "scan_xyz789",
      "status": "ready",
      "created_at": "2025-01-15T11:00:00Z",
      "expires_at": "2025-02-14T11:00:00Z",
      "size_bytes": 1245678
    }
  ],
  "meta": {
    "total": 10,
    "page": 1,
    "per_page": 20
  }
}

Get Report

GET /reports/{id}

Get metadata about a specific report.

Response

{
  "id": "rpt_abc123",
  "type": "technical",
  "format": "pdf",
  "application_id": "app_abc123",
  "application_name": "Production App",
  "scan_id": "scan_xyz789",
  "status": "ready",
  "created_at": "2025-01-15T11:00:00Z",
  "expires_at": "2025-02-14T11:00:00Z",
  "size_bytes": 1245678,
  "download_url": "https://api.modernpentest.com/v1/reports/rpt_abc123/download",
  "contents": {
    "findings_included": 30,
    "pages": 45,
    "sections": ["executive_summary", "findings", "remediation", "appendix"]
  }
}

Generate Report

POST /reports

Generate a new report for a scan.

Request Body

{
  "scan_id": "scan_xyz789",
  "type": "technical",
  "format": "pdf",
  "options": {
    "include_sections": ["summary", "findings", "remediation"],
    "severity_threshold": "medium",
    "include_fixed": false
  }
}

Parameters

FieldTypeRequiredDescription
scan_idstringYesSource scan ID
typestringYesReport type
formatstringNopdf, html, json (default: pdf)
optionsobjectNoReport customization

Report Types

TypeDescription
technicalDetailed findings for developers
executiveHigh-level summary for leadership
soc2SOC 2 compliance documentation
complianceGeneral compliance mapping

Response

{
  "id": "rpt_new456",
  "type": "technical",
  "format": "pdf",
  "status": "generating",
  "created_at": "2025-01-15T12:00:00Z",
  "estimated_completion": "2025-01-15T12:02:00Z"
}

Report generation is asynchronous. Poll the report status or use webhooks.

Example

curl -X POST https://api.modernpentest.com/v1/reports \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "scan_id": "scan_xyz789",
    "type": "soc2",
    "format": "pdf"
  }'

Download Report

GET /reports/{id}/download

Download the generated report file.

Response

Returns the binary file with appropriate Content-Type:

  • PDF: application/pdf
  • HTML: text/html
  • JSON: application/json

Example

curl -X GET https://api.modernpentest.com/v1/reports/rpt_abc123/download \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -o security_report.pdf

Generate SOC 2 Report

POST /reports/soc2

Generate a SOC 2 compliance report for a date range.

Request Body

{
  "application_ids": ["app_abc123", "app_xyz789"],
  "date_from": "2024-10-01T00:00:00Z",
  "date_to": "2024-12-31T23:59:59Z",
  "format": "pdf",
  "options": {
    "include_remediation_evidence": true,
    "include_scan_timeline": true
  }
}

Parameters

FieldTypeRequiredDescription
application_idsarrayYesApplications to include
date_fromstringYesAudit period start (ISO 8601)
date_tostringYesAudit period end (ISO 8601)
formatstringNopdf or html
optionsobjectNoReport options

SOC 2 Report Contents

The generated report includes:

SectionDescription
Executive SummaryOverall security posture
Testing MethodologyHow testing was performed
Trust Services MappingCC4.1, CC7.1 criteria mapping
Vulnerability FindingsAll findings with status
Remediation EvidenceProof of fixes
Testing TimelineComplete audit trail

Response

{
  "id": "rpt_soc2_123",
  "type": "soc2",
  "status": "generating",
  "audit_period": {
    "from": "2024-10-01T00:00:00Z",
    "to": "2024-12-31T23:59:59Z"
  },
  "applications_included": 2,
  "estimated_completion": "2025-01-15T12:05:00Z"
}

Report Status

GET /reports/{id}/status

Check the generation status of a report.

Response

{
  "id": "rpt_abc123",
  "status": "ready",
  "progress": 100,
  "created_at": "2025-01-15T12:00:00Z",
  "completed_at": "2025-01-15T12:02:00Z"
}

Status Values

StatusDescription
pendingQueued for generation
generatingCurrently being created
readyAvailable for download
failedGeneration failed
expiredDownload link expired

Webhook Events

Reports trigger the following webhook events:

EventDescription
report.generatingReport generation started
report.readyReport available for download
report.failedReport generation failed

See Webhooks for configuration.

Last updated: December 8, 2025

Vulnerabilities

API endpoints for managing vulnerability findings

Webhooks

Configure real-time event notifications

On this page

Reports APIList ReportsQuery ParametersResponseGet ReportResponseGenerate ReportRequest BodyParametersReport TypesResponseExampleDownload ReportResponseExampleGenerate SOC 2 ReportRequest BodyParametersSOC 2 Report ContentsResponseReport StatusResponseStatus ValuesWebhook Events