{"id":225,"date":"2013-05-09T14:40:29","date_gmt":"2013-05-09T14:40:29","guid":{"rendered":"http:\/\/securityroots.com\/blog\/?p=225"},"modified":"2013-11-24T16:23:13","modified_gmt":"2013-11-24T16:23:13","slug":"vulndb-api-update-new-vulndb-help-site","status":"publish","type":"post","link":"https:\/\/dradis.com\/blog\/2013\/05\/vulndb-api-update-new-vulndb-help-site\/","title":{"rendered":"VulnDB API update + new VulnDB Help site"},"content":{"rendered":"<p>We have improved VulnDB API and have a new (and better) Help site. Read on to find out more about these changes.<\/p>\n<p><a href=\"http:\/\/vulndbhq.com\/\">VulnDB HQ<\/a> is a tool to manage your vulnerability descriptions so you can reuse them across reports. It also lets you create and share testing methodologies so <a href=\"http:\/\/securityroots.com\/blog\/2013\/01\/using-testing-methodologies-to-ensure\/\">every project is delivered to the same high quality standard<\/a>.<\/p>\n<p><a href=\"http:\/\/vulndbhq.com\"><img decoding=\"async\" loading=\"lazy\" class=\"aligncenter\" alt=\"The VulnDB logo\" src=\"http:\/\/vulndbhq.com\/assets\/logo.png\" width=\"416\" height=\"256\" \/><\/a><\/p>\n<p>We have recently migrated the VulnDB Help site to a new location at:<\/p>\n<p style=\"text-align: center; font-size: 15px;\"><a href=\"http:\/\/vulndbhq.com\/help\/\">http:\/\/vulndbhq.com\/help\/<\/a><\/p>\n<p>Apart from the new look &amp; feel (which we hope you like) we&#8217;ve made a few significant improvements in the API itself:<\/p>\n<h2>Strict SSL requirement<\/h2>\n<p>The API was accessible over plain-text HTTP due to a misconfiguration, we have completely disabled this.<\/p>\n<h2>Token-based authentication<\/h2>\n<p>Say your goodbyes to HTTP Basic authentication and welcome the new token-based authentication overlords.<\/p>\n<p>Visit your Profile page to get your own API token which can be used to authenticate API request by means of a custom HTTP header.<\/p>\n<p><img decoding=\"async\" class=\"aligncenter\" alt=\"A screenshot of the section of the Profile page showing the token\" src=\"http:\/\/vulndbhq.com\/help\/img\/api_token.png\" width=\"625\" \/><\/p>\n<p>Lost your token or you suspect it was compromised? Want to deny access to your account to all 3rd party applications? Regenerate your token and you are good to go.<\/p>\n<h2>Better examples<\/h2>\n<p>We&#8217;ve improved the examples for each of the API methods with a proof-of-concept `curl` request along with the sample of any data that has to be submitted to the request. We also show response codes and content returned by the server so you know what to expect.<\/p>\n<h2>tl; dr;<\/h2>\n<p>Find answers to your VulnDB API questions at <a href=\"http:\/\/vulndbhq.com\/help\/\">http:\/\/vulndbhq.com\/help\/<\/a><\/p>\n<p>Note that we have not bumped the version number to introduce these changes. This is because the main interfaces, media formats, end points and data types have not changed.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>We have improved VulnDB API and have a new (and better) Help site. Read on to find out more about these changes. VulnDB HQ is a tool to manage your vulnerability descriptions so you can reuse them across reports. It also lets you create and share testing methodologies so every project is delivered to the [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"jetpack_publicize_message":"","jetpack_is_tweetstorm":false,"jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":[]},"categories":[6],"tags":[],"jetpack_publicize_connections":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v20.2 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>VulnDB API update: token-based auth and better docs<\/title>\n<meta name=\"description\" content=\"We hav eimproved the VulnDB API with token-based auth and strict SSL. We&#039;ve also updated the API docs with curl examples, response codes, return values...\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/dradis.com\/blog\/2013\/05\/vulndb-api-update-new-vulndb-help-site\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"VulnDB API update: token-based auth and better docs\" \/>\n<meta property=\"og:description\" content=\"We hav eimproved the VulnDB API with token-based auth and strict SSL. We&#039;ve also updated the API docs with curl examples, response codes, return values...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/dradis.com\/blog\/2013\/05\/vulndb-api-update-new-vulndb-help-site\/\" \/>\n<meta property=\"og:site_name\" content=\"Dradis Framework Blog\" \/>\n<meta property=\"article:published_time\" content=\"2013-05-09T14:40:29+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2013-11-24T16:23:13+00:00\" \/>\n<meta property=\"og:image\" content=\"http:\/\/vulndbhq.com\/assets\/logo.png\" \/>\n<meta name=\"author\" content=\"Daniel Martin\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@dradisfw\" \/>\n<meta name=\"twitter:site\" content=\"@dradisfw\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Daniel Martin\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/dradis.com\/blog\/2013\/05\/vulndb-api-update-new-vulndb-help-site\/\",\"url\":\"https:\/\/dradis.com\/blog\/2013\/05\/vulndb-api-update-new-vulndb-help-site\/\",\"name\":\"VulnDB API update: token-based auth and better docs\",\"isPartOf\":{\"@id\":\"https:\/\/dradis.com\/blog\/#website\"},\"datePublished\":\"2013-05-09T14:40:29+00:00\",\"dateModified\":\"2013-11-24T16:23:13+00:00\",\"author\":{\"@id\":\"https:\/\/dradis.com\/blog\/#\/schema\/person\/0d7332083eed49c91ddf883f46f0dc52\"},\"description\":\"We hav eimproved the VulnDB API with token-based auth and strict SSL. We've also updated the API docs with curl examples, response codes, return values...\",\"breadcrumb\":{\"@id\":\"https:\/\/dradis.com\/blog\/2013\/05\/vulndb-api-update-new-vulndb-help-site\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/dradis.com\/blog\/2013\/05\/vulndb-api-update-new-vulndb-help-site\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/dradis.com\/blog\/2013\/05\/vulndb-api-update-new-vulndb-help-site\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/dradis.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"VulnDB API update + new VulnDB Help site\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/dradis.com\/blog\/#website\",\"url\":\"https:\/\/dradis.com\/blog\/\",\"name\":\"Dradis Framework Blog\",\"description\":\"Information management for security teams\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/dradis.com\/blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/dradis.com\/blog\/#\/schema\/person\/0d7332083eed49c91ddf883f46f0dc52\",\"name\":\"Daniel Martin\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/dradis.com\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/b0810040b4df4564381531b4d4a79a05?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/b0810040b4df4564381531b4d4a79a05?s=96&d=mm&r=g\",\"caption\":\"Daniel Martin\"},\"sameAs\":[\"http:\/\/securityroots.com\/story.html\"],\"url\":\"https:\/\/dradis.com\/blog\/author\/etd\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"VulnDB API update: token-based auth and better docs","description":"We hav eimproved the VulnDB API with token-based auth and strict SSL. We've also updated the API docs with curl examples, response codes, return values...","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/dradis.com\/blog\/2013\/05\/vulndb-api-update-new-vulndb-help-site\/","og_locale":"en_US","og_type":"article","og_title":"VulnDB API update: token-based auth and better docs","og_description":"We hav eimproved the VulnDB API with token-based auth and strict SSL. We've also updated the API docs with curl examples, response codes, return values...","og_url":"https:\/\/dradis.com\/blog\/2013\/05\/vulndb-api-update-new-vulndb-help-site\/","og_site_name":"Dradis Framework Blog","article_published_time":"2013-05-09T14:40:29+00:00","article_modified_time":"2013-11-24T16:23:13+00:00","og_image":[{"url":"http:\/\/vulndbhq.com\/assets\/logo.png"}],"author":"Daniel Martin","twitter_card":"summary_large_image","twitter_creator":"@dradisfw","twitter_site":"@dradisfw","twitter_misc":{"Written by":"Daniel Martin","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/dradis.com\/blog\/2013\/05\/vulndb-api-update-new-vulndb-help-site\/","url":"https:\/\/dradis.com\/blog\/2013\/05\/vulndb-api-update-new-vulndb-help-site\/","name":"VulnDB API update: token-based auth and better docs","isPartOf":{"@id":"https:\/\/dradis.com\/blog\/#website"},"datePublished":"2013-05-09T14:40:29+00:00","dateModified":"2013-11-24T16:23:13+00:00","author":{"@id":"https:\/\/dradis.com\/blog\/#\/schema\/person\/0d7332083eed49c91ddf883f46f0dc52"},"description":"We hav eimproved the VulnDB API with token-based auth and strict SSL. We've also updated the API docs with curl examples, response codes, return values...","breadcrumb":{"@id":"https:\/\/dradis.com\/blog\/2013\/05\/vulndb-api-update-new-vulndb-help-site\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/dradis.com\/blog\/2013\/05\/vulndb-api-update-new-vulndb-help-site\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/dradis.com\/blog\/2013\/05\/vulndb-api-update-new-vulndb-help-site\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/dradis.com\/blog\/"},{"@type":"ListItem","position":2,"name":"VulnDB API update + new VulnDB Help site"}]},{"@type":"WebSite","@id":"https:\/\/dradis.com\/blog\/#website","url":"https:\/\/dradis.com\/blog\/","name":"Dradis Framework Blog","description":"Information management for security teams","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/dradis.com\/blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/dradis.com\/blog\/#\/schema\/person\/0d7332083eed49c91ddf883f46f0dc52","name":"Daniel Martin","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/dradis.com\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/b0810040b4df4564381531b4d4a79a05?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/b0810040b4df4564381531b4d4a79a05?s=96&d=mm&r=g","caption":"Daniel Martin"},"sameAs":["http:\/\/securityroots.com\/story.html"],"url":"https:\/\/dradis.com\/blog\/author\/etd\/"}]}},"jetpack_featured_media_url":"","jetpack_shortlink":"https:\/\/wp.me\/p3ijVs-3D","jetpack_sharing_enabled":true,"jetpack-related-posts":[{"id":18,"url":"https:\/\/dradis.com\/blog\/2012\/08\/vulndb-hq-api-v2\/","url_meta":{"origin":225,"position":0},"title":"VulnDB HQ API v2","date":"August 21, 2012","format":false,"excerpt":"A few days ago we released v2 of the API for VulnDB HQ, our platform to manage vulnerability databases.A lot of work has happened in the background to pave the way to a more stable and comprehensive API. From the consumer perspective we now have a dedicated endpoint for API\u2026","rel":"","context":"In &quot;VulnDB_HQ&quot;","img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":15,"url":"https:\/\/dradis.com\/blog\/2012\/09\/create-a-report-in-minutes-with-dradis-pro-and-vulndb-hq\/","url_meta":{"origin":225,"position":1},"title":"Create a report in minutes with Dradis Pro and VulnDB HQ","date":"September 24, 2012","format":false,"excerpt":"How long did it take you to create your last pentest report? Days? Hours? Sounds like too much effort for something that should be 80% automated! Lets see how you can use Dradis Pro and VulnDB HQ to create a pentest report in minutes. Tracking progress with Dradis Pro Everybody\u2026","rel":"","context":"In &quot;Dradis_Pro&quot;","img":{"alt_text":"","src":"https:\/\/i0.wp.com\/2.bp.blogspot.com\/-HqmOWbUQm34\/UFnYpfHliWI\/AAAAAAAAAJg\/1AtvsQElVz8\/s400\/methodologies_03.png?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":1322,"url":"https:\/\/dradis.com\/blog\/2012\/02\/dradis-29-released\/","url_meta":{"origin":225,"position":2},"title":"Dradis 2.9 released!","date":"February 1, 2012","format":false,"excerpt":"New plugins Retina Network Security Scanner\u00a0upload plugin.Zed Attack Proxy\u00a0upload plugin. Updated plugins Nessus\u00a0upload plugin is orders of magnitude faster.Nikto\u00a0upload plugin is orders of magnitude faster.Nmap\u00a0upload plugin is orders of magnitude faster.VulnDB\u00a0import plugin (to support\u00a0VulnDB HQ\u00a0integration) Internals Updated First Time User's Wizard.Updated to Rails 3.2 download now","rel":"","context":"In &quot;Release&quot;","img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":12,"url":"https:\/\/dradis.com\/blog\/2012\/10\/new-in-dradis-pro-v16\/","url_meta":{"origin":225,"position":3},"title":"New in Dradis Pro v1.6","date":"October 9, 2012","format":false,"excerpt":"Today we have pushed a new version of Dradis Professional Edition. This is the result of two months of hard work. It is a shorter release cycle than usual, but there are some good reasons for it. We think it will make our user's day-to-day work significantly more efficient. Here\u2026","rel":"","context":"In &quot;Dradis_Pro&quot;","img":{"alt_text":"","src":"https:\/\/i0.wp.com\/2.bp.blogspot.com\/-cuVRf1Tju3w\/UGymoN4PcPI\/AAAAAAAAALw\/yaqn7kqlnp0\/s400\/reporting_v16-01.png?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":26,"url":"https:\/\/dradis.com\/blog\/2012\/03\/pauldotcom-en-espanol-interviews-security-roots-founder\/","url_meta":{"origin":225,"position":4},"title":"Espanol &#8211; Pauldotcom interviews Security Roots founder","date":"March 14, 2012","format":false,"excerpt":"Daniel Martin (@etdsoft), creator of Dradis Framework and founder of Security Roots Ltd was interviewed in Episode 11 of PaulDotCom Security Weekly en Espanol. We talked about Dradis Framework, Ruby, Rails, open-source in general, Dradis Pro, VulnDB HQ, Nokogiri and a number of other things. The podcast is in Spanish,\u2026","rel":"","context":"In &quot;Security Roots&quot;","img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":793,"url":"https:\/\/dradis.com\/blog\/2017\/04\/dradis-attachments-api-using-ruby\/","url_meta":{"origin":225,"position":5},"title":"Attachments API using ruby","date":"April 20, 2017","format":false,"excerpt":"One of the latest additions in Dradis Pro release 2.6.0 was the attachments API. Until now that was only available using the web interface: As documented here\u00a0that new API endpoint allows to manipulate node attachments via REST requests. Here there are a couple of examples, using curl. Read attachments associated\u2026","rel":"","context":"In &quot;Dradis_Pro&quot;","img":{"alt_text":"","src":"https:\/\/i0.wp.com\/dradisframework.com\/blog\/wp-content\/uploads\/2017\/04\/attachments.png?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]}],"_links":{"self":[{"href":"https:\/\/dradis.com\/blog\/wp-json\/wp\/v2\/posts\/225"}],"collection":[{"href":"https:\/\/dradis.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/dradis.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/dradis.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/dradis.com\/blog\/wp-json\/wp\/v2\/comments?post=225"}],"version-history":[{"count":1,"href":"https:\/\/dradis.com\/blog\/wp-json\/wp\/v2\/posts\/225\/revisions"}],"predecessor-version":[{"id":468,"href":"https:\/\/dradis.com\/blog\/wp-json\/wp\/v2\/posts\/225\/revisions\/468"}],"wp:attachment":[{"href":"https:\/\/dradis.com\/blog\/wp-json\/wp\/v2\/media?parent=225"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/dradis.com\/blog\/wp-json\/wp\/v2\/categories?post=225"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/dradis.com\/blog\/wp-json\/wp\/v2\/tags?post=225"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}