Cyberian

Documentation

Everything you need to use Cyberian in your workflow.

Quickstart

Scan via CLI

Run a scan directly from your terminal without installing anything:

npx cyberian scan https://api.example.com/v1

Scan via Dashboard

Log in to your dashboard, go to Scans, paste your API URL, and click Run Scan. Results appear within seconds.

What gets checked

Security (12 checks)

HTTPS enforcement, CORS headers, rate limiting detection, sensitive data exposure, SSL/TLS configuration.

Performance (8 checks)

Response time (TTFB), payload size, gzip/brotli compression, cache headers.

Design (7 checks)

URL naming conventions, correct HTTP verbs, consistent status codes, RESTful resource naming.

Documentation (6 checks)

OpenAPI/Swagger spec detection, health endpoint, Content-Type headers, versioning.

Error Handling (5 checks)

Invalid JSON handling, missing required fields, stack trace exposure, error format consistency.

Standards (5 checks)

JSON responses, UTF-8 encoding, CORS preflight, HTTP/2 support, idempotency.

How scoring works

Score formula

Each check is weighted. Critical issues (e.g. no HTTPS) deduct more points than warnings. The final score is 0–100.

Grade bands

90–100: Excellent (A) · 75–89: Good (B) · 60–74: Average (C) · 40–59: Poor (D) · 0–39: Critical (F)
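The following JavaScript is an added example, not Cyberian's own code: it implements a handful of the passive checks listed under Security, Performance and Documentation above (HTTPS enforcement, CORS headers, rate-limit headers, compression, cache headers, Content-Type) against a constructed response, then scores the result the way the formula and grade bands describe: every finding deducts a weight, a critical finding more than a warning, the score is floored at 0, and the grade follows the bands. The check names, the severity weights and the shape of the response object are assumptions for illustration; Cyberian's real weights are not documented here.

```javascript
// Added example (not Cyberian's code): a few passive API checks plus weighted
// scoring and grade bands. Weights and check names are illustrative assumptions.

// Deduction per severity: a critical issue costs more than a warning.
const WEIGHTS = { critical: 25, warning: 10, info: 3 };

// Grade bands as documented: 90-100 A, 75-89 B, 60-74 C, 40-59 D, 0-39 F.
function gradeFor(score) {
  if (score >= 90) return 'A';
  if (score >= 75) return 'B';
  if (score >= 60) return 'C';
  if (score >= 40) return 'D';
  return 'F';
}

// Case-insensitive header lookup, since HTTP header names are case-insensitive.
function header(resp, name) {
  const key = Object.keys(resp.headers).find(k => k.toLowerCase() === name.toLowerCase());
  return key === undefined ? undefined : resp.headers[key];
}

// Each check returns a finding { check, severity, detail } or null when it passes.
const CHECKS = [
  function httpsEnforcement(resp) {
    if (new URL(resp.url).protocol !== 'https:')
      return { check: 'https-enforcement', severity: 'critical', detail: 'endpoint served over plain HTTP' };
    return null;
  },
  function corsHeaders(resp) {
    const acao = header(resp, 'access-control-allow-origin');
    const creds = header(resp, 'access-control-allow-credentials');
    if (acao === '*' && String(creds).toLowerCase() === 'true')
      return { check: 'cors-headers', severity: 'critical', detail: 'wildcard origin combined with credentials' };
    if (acao === '*')
      return { check: 'cors-headers', severity: 'warning', detail: 'wildcard Access-Control-Allow-Origin' };
    return null;
  },
  function rateLimiting(resp) {
    const seen = ['ratelimit-limit', 'x-ratelimit-limit', 'retry-after'].some(h => header(resp, h) !== undefined);
    return seen ? null : { check: 'rate-limiting', severity: 'warning', detail: 'no rate-limit headers observed' };
  },
  function compression(resp) {
    const enc = header(resp, 'content-encoding') || '';
    return /\b(gzip|br)\b/.test(enc) ? null
      : { check: 'compression', severity: 'info', detail: 'response is not gzip/brotli compressed' };
  },
  function cacheHeaders(resp) {
    return header(resp, 'cache-control') ? null
      : { check: 'cache-headers', severity: 'info', detail: 'no Cache-Control header' };
  },
  function contentType(resp) {
    const ct = header(resp, 'content-type') || '';
    return /application\/json/i.test(ct) ? null
      : { check: 'content-type', severity: 'warning', detail: 'JSON API should declare application/json' };
  },
];

function runChecks(resp) {
  return CHECKS.map(check => check(resp)).filter(f => f !== null);
}

// Start at 100, subtract the weight of every finding, never go below 0.
function score(findings) {
  const deducted = findings.reduce((sum, f) => sum + WEIGHTS[f.severity], 0);
  const value = Math.max(0, 100 - deducted);
  return { score: value, grade: gradeFor(value), findings };
}

// Constructed sample response: HTTPS and JSON, but wildcard CORS and no
// rate-limit or cache headers.
const SAMPLE_RESPONSE = {
  url: 'https://api.example.com/v1',
  status: 200,
  headers: {
    'Content-Type': 'application/json; charset=utf-8',
    'Access-Control-Allow-Origin': '*',
    'Content-Encoding': 'gzip',
  },
};

if (typeof require !== 'undefined' && require.main === module) {
  // Two warnings and one info finding: 100 - 10 - 10 - 3 = 77, grade B.
  console.log(JSON.stringify(score(runChecks(SAMPLE_RESPONSE)), null, 2));
}
```

Running the sample gives 77 (B); switching the same response to plain http adds the critical HTTPS finding and drops it to 52 (D), which is the kind of gap between a warning and a critical deduction the scoring description refers to.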

CI/CD integration

GitHub Actions

Add a scan step to your workflow:

- name: Cyberian API Scan
  # Fails the job when the score drops below 80
  run: npx cyberian scan ${{ env.API_URL }} --fail-below 80

README badge

Display your current score in your repository README:

![API Score](https://cyberian.vercel.app/api/badge/your-project-id.svg)

Cyberian Intelligence

What is Cyberian Intelligence?

Cyberian Intelligence is a deep passive reconnaissance and analysis layer available on Pro and Team plans. After every scan, it runs an extended investigation of the target and produces a full security report with exploitable findings, attack scenarios, design analysis, third-party risk assessment, and a prioritized remediation plan.

What it investigates

Intelligence performs 70+ passive probes without touching the target aggressively: HTTP headers and security posture, cookie flags and session configuration, HTML form analysis (GET vs POST, CSRF tokens), JavaScript bundle scanning for hardcoded secrets and suspicious third-party domains, DNS records (SPF, DMARC, MX), subdomain enumeration via Certificate Transparency logs, 70+ common path probes (admin panels, exposed APIs, config files), robots.txt and sitemap.xml analysis, and full technology fingerprinting.

Analysis output

Every Intelligence report contains: an executive summary, a risk level (critical / high / medium / low), a risk score from 0–100, infrastructure mapping, a full findings list with CVSS estimates and fix guidance, realistic attack scenarios with cost and time estimates, a website design analysis with actionable feedback, a third-party risk inventory, and a quick-wins list sorted by impact.

Findings format

Each finding is assigned a severity (critical, high, medium, low, info), a CVSS v3 estimate, a description of the vulnerability, the potential impact if exploited, a concrete remediation step, and a confirmation status.

{
  "id": "F-01",
  "severity": "critical",
  "title": "Login via GET — credentials in server logs",
  "cvss_estimate": 9.1,
  "description": "Authentication form uses method=GET...",
  "impact": "All passwords written to server logs permanently.",
  "fix": "Change form method to POST immediately.",
  "confirmed": true
}
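As an added example that is not Cyberian's own code, the JavaScript below implements two of the passive Intelligence probes described earlier (cookie flag inspection and HTML form method analysis) over constructed input and emits the results in the findings format shown above. The form scanner is regex-based and assumes simple markup rather than being a full HTML parser; the 9.1 CVSS value is taken from the documentation's sample finding, and the other CVSS values are constructed estimates for illustration.

```javascript
// Added example (not Cyberian's code): cookie-flag and form-method probes that
// produce findings in the documented shape. CVSS values other than the 9.1 from
// the docs' sample are constructed estimates; the HTML scanner assumes simple markup.

// Parse one Set-Cookie header value into the cookie name and lower-cased attributes.
function parseSetCookie(line) {
  const [pair, ...attrs] = line.split(';').map(s => s.trim());
  const flags = {};
  for (const a of attrs) {
    const [k, v] = a.split('=');
    flags[k.toLowerCase()] = v === undefined ? true : v.toLowerCase();
  }
  return { name: pair.split('=')[0], flags };
}

// Read one attribute from a tag's attribute string (lower-cased, '' when absent).
function attr(tag, name) {
  const m = new RegExp('\\b' + name + '\\s*=\\s*["\']?([^"\'>\\s]+)', 'i').exec(tag);
  return m ? m[1].toLowerCase() : '';
}

// Minimal form scanner: method, presence of a password field, and whether a
// hidden input looks like an anti-CSRF token.
function scanForms(html) {
  const forms = [];
  const formRe = /<form\b([^>]*)>([\s\S]*?)<\/form>/gi;
  let m;
  while ((m = formRe.exec(html)) !== null) {
    const inputs = m[2].match(/<input\b[^>]*>/gi) || [];
    forms.push({
      method: attr(m[1], 'method') || 'get', // HTML default method is GET
      hasPassword: inputs.some(t => attr(t, 'type') === 'password'),
      hasCsrfToken: inputs.some(t => attr(t, 'type') === 'hidden' && /csrf|token/.test(attr(t, 'name'))),
    });
  }
  return forms;
}

// Turn headers and HTML into findings in the documented format.
function analyse({ setCookieHeaders, html }) {
  const out = [];
  const finding = partial => ({ id: 'F-' + String(out.length + 1).padStart(2, '0'), ...partial, confirmed: true });

  for (const f of scanForms(html)) {
    if (f.hasPassword && f.method === 'get') {
      out.push(finding({
        severity: 'critical',
        title: 'Login via GET: credentials in server logs',
        cvss_estimate: 9.1, // value from the documentation's sample finding
        description: 'Authentication form uses method=GET, so the password is sent in the query string.',
        impact: 'All passwords written to server, proxy and browser-history logs.',
        fix: 'Change form method to POST.',
      }));
    }
    if (f.hasPassword && !f.hasCsrfToken) {
      out.push(finding({
        severity: 'medium',
        title: 'Login form has no CSRF token',
        cvss_estimate: 6.5, // constructed estimate for illustration
        description: 'No hidden anti-CSRF token field was found in the authentication form.',
        impact: 'The form can be submitted on a user\'s behalf from a third-party page.',
        fix: 'Add a per-session CSRF token verified server-side and set SameSite on the session cookie.',
      }));
    }
  }

  for (const line of setCookieHeaders) {
    const c = parseSetCookie(line);
    const missing = ['Secure', 'HttpOnly', 'SameSite'].filter(k => !c.flags[k.toLowerCase()]);
    if (missing.length === 0) continue;
    out.push(finding({
      severity: 'high',
      title: `Cookie "${c.name}" is missing ${missing.join(', ')}`,
      cvss_estimate: 7.4, // constructed estimate for illustration
      description: `Set-Cookie for "${c.name}" lacks the ${missing.join(', ')} attribute(s).`,
      impact: 'Cookie may be sent over HTTP, read by injected script, or attached to cross-site requests.',
      fix: `Set ${missing.join(', ')} on the cookie.`,
    }));
  }
  return out;
}

// Constructed sample: a GET login form without a token, one weak and one sound cookie.
const SAMPLE_INPUT = {
  setCookieHeaders: [
    'sid=s3ss10n; Path=/; HttpOnly',
    'theme=dark; Path=/; Secure; HttpOnly; SameSite=Lax',
  ],
  html: `<form action="/login" method="GET">
    <input type="text" name="user">
    <input type="password" name="pass">
    <button>Sign in</button>
  </form>`,
};

if (typeof require !== 'undefined' && require.main === module) {
  console.log(JSON.stringify(analyse(SAMPLE_INPUT), null, 2)); // three findings: F-01 to F-03
}
```

The sample produces the critical login-via-GET finding first, then the missing-token finding, then a high finding for the `sid` cookie naming exactly the attributes it lacks (Secure and SameSite); the `theme` cookie passes.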

Plans

Intelligence runs automatically on every scan for Pro and Team users. Free users get the standard scan only. Intelligence results appear in the Intelligence tab of the report page.

REST API reference

POST /api/scans

Create a new scan. Requires authentication.

curl -X POST https://cyberian.dev/api/scans \
  -H "Authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{"url":"https://api.example.com/v1"}'

GET /api/scans/:id

Retrieve scan results by ID.

curl https://cyberian.dev/api/scans/abc123 -H "Authorization: Bearer <token>"
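The Node script below is an added example rather than Cyberian's own client: it performs the two documented calls, POST /api/scans and GET /api/scans/:id, reading the bearer token from the environment instead of embedding it. Two things it assumes that the reference above does not state: the POST response carries the new scan's id in an `id` field, and error responses come back as JSON. The optional `fetchImpl` parameter exists so the flow can be exercised against a stub without network access.

```javascript
// Added example (not Cyberian's client): create a scan, then fetch it by id.
// Assumptions: the POST response has an "id" field; errors come back as JSON.
// Requires Node 18+ for the global fetch.

const BASE_URL = process.env.CYBERIAN_BASE_URL || 'https://cyberian.dev';

// Refuse to send the bearer token anywhere but an https origin, so a mistyped
// base URL cannot leak the token over plain HTTP.
function assertHttps(url) {
  if (new URL(url).protocol !== 'https:') throw new Error('refusing to send token over non-HTTPS: ' + url);
  return url;
}

// Request for POST /api/scans, mirroring the curl example in the reference.
function createScanRequest(targetUrl, token) {
  if (!token) throw new Error('missing API token (set CYBERIAN_TOKEN)');
  return {
    url: assertHttps(BASE_URL + '/api/scans'),
    init: {
      method: 'POST',
      headers: { Authorization: 'Bearer ' + token, 'Content-Type': 'application/json' },
      body: JSON.stringify({ url: targetUrl }),
    },
  };
}

// Request for GET /api/scans/:id. The id is URL-encoded so an unexpected value
// from the API cannot alter the request path.
function getScanRequest(scanId, token) {
  if (!token) throw new Error('missing API token (set CYBERIAN_TOKEN)');
  return {
    url: assertHttps(BASE_URL + '/api/scans/' + encodeURIComponent(scanId)),
    init: { method: 'GET', headers: { Authorization: 'Bearer ' + token } },
  };
}

// Send a prepared request; return the JSON body or throw on a non-2xx status.
async function send({ url, init }, fetchImpl = fetch) {
  const res = await fetchImpl(url, init);
  const body = await res.json().catch(() => null);
  if (!res.ok) throw new Error(`${init.method} ${url} failed: HTTP ${res.status} ${JSON.stringify(body)}`);
  return body;
}

// Create the scan, then retrieve it with the id the API returned.
async function scanAndFetch(targetUrl, token, fetchImpl = fetch) {
  const created = await send(createScanRequest(targetUrl, token), fetchImpl);
  if (typeof created.id !== 'string') throw new Error('no scan id in response: ' + JSON.stringify(created));
  return send(getScanRequest(created.id, token), fetchImpl);
}

if (typeof require !== 'undefined' && require.main === module) {
  const target = process.argv[2] || 'https://api.example.com/v1';
  scanAndFetch(target, process.env.CYBERIAN_TOKEN)
    .then(result => console.log(JSON.stringify(result, null, 2)))
    .catch(err => { console.error(err.message); process.exit(1); });
}
```

Usage: `CYBERIAN_TOKEN=<token> node scan.js https://api.example.com/v1`. Keeping the token in the environment (or a CI secret) rather than in the script keeps it out of version control and shell history.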