Testing module
Last updated
Was this helpful?
Last updated
Was this helpful?
The Testing module is responsible to do API Security testing.
Dockerhub version: aktosecurity/akto-api-testing:local
Dockerfile
Interaction: Testing module runs in a separate docker image. It polls Database for any pending tests. If found, it starts testing the APIs based on the test configuration. It then saves the test reports in Database. It might sometimes trigger an API call to Puppeteer server if the chrome-recording functionality is being used for automatic auth token generation.
Architecture: Testing module docker runs on the same instance as Dashboard.
Polls for Test Jobs:
Regularly checks for security tests that need to be executed.
Executes Tests:
Runs API security tests based on the configured test suite. Tests include a wide range of vulnerability categories like:
OWASP Top 10 API vulnerabilities
Authentication and authorization checks
Sensitive data exposure
Rate limiting, SSRF, and more
Saves Results:
After execution, it records detailed test reports, including vulnerabilities found, request/response details, and severity.
Supports Auth Token Automation:
When your API requires login, the module can automatically handle authentication by fetching the necessary security tokens.
The Testing Module runs as a separate service and continuously listens for new test jobs.
Once a job is found, it tests the relevant API endpoints and pushes the results to Akto, making them available on the Dashboard.
✅ Automated Security Testing: Eliminates manual effort by automatically testing your APIs for known vulnerabilities.
✅ Covers All APIs: Tests are run across discovered APIs, ensuring security coverage even for undocumented endpoints.
✅ Auth Handling: Supports dynamic token fetching to test authenticated endpoints seamlessly.
The Testing Module is the execution engine behind Akto’s API security testing. It ensures your APIs are continuously evaluated against a broad set of security checks, helping identify risks early and at scale.
There are multiple ways to request support from Akto. We are 24X7 available on the following:
In-app intercom support. Message us with your query on intercom in Akto dashboard and someone will reply.
Contact help@akto.io for email support.
Works alongside other modules like the and to provide a complete API security posture.
Join our for community support.
Contact us .
