Docs

Add Entrypoints to your Project

Bright provides the following methods of finding Entrypoints. Use links to the relevant articles to get more details.

Suggest Edits

Crawler

Bright can crawl your web application to define the attack surface. This option does not require any details that might get you tangled. To run a security scan using a crawler, you simply need to specify the target URL in the URL field. Learn more about a Crawler.

.HAR-file

An HTTP Archive File (.HAR file) is a recorded user interaction session with an application. The .HAR file keeps all the HTTP requests and responses between the web client and web application. You can use a pre-recorded .HAR file when running a security scan. Using the data contained in the .HAR file, Bright defines the attack surface and ensures complete coverage of the scan scope. Learn more about .HAR-files in Bright.

API Schema

Bright supports the following API schema versions: Swagger 2+, OpenAPI 3+, and Postman 2+. You don't need an ideal API schema; you can upload the one you have. All you need to do is fix it once. Learn more about API Schemas.

GraphQL Schema file

Bright provides a possibility to specify a GraphQL endpoint link for introspection. Learn more about how to add Entrypoints using GraphQL.

Single Entrypoint

You can manually add a single Entrypoint using an in-app tool and then fix it if it has connectivity problems. Learn more about how to add fix Entrypoints.

Updated about 17 hours ago