- Creating Scans: Configure and launch a web application scan
- Manage Scans: Monitor and manage your web application scans
- Scan Profiles: Set up authentication and scanner configuration
- Understanding Results: Interpret OWASP findings and severity ratings
- Best Practices: Tips for effective and accurate web application scanning
- API Testing: Scan REST and GraphQL APIs for security vulnerabilities
Overview
The Web Application scanner in DeepTraQ helps identify security vulnerabilities in web applications and APIs such as public websites, REST APIs, GraphQL APIs, and authentication endpoints.
What this scanner does
The scanner analyzes web applications to:
- Detect OWASP Top 10 vulnerabilities
- Identify API security misconfigurations
- Discover SQL injection, authentication issues, and insecure headers
- Automatically map web endpoints and API routes
It uses integrated tools such as OWASP ZAP and Nuclei, along with DeepTraQ’s AI-powered scanning engine.
When to use this scanner
Use the Web Application scanner when you want to test the security of:
- Public web applications
- REST or GraphQL APIs
- Login and authentication endpoints
- API gateways and microservices
This scanner helps identify vulnerabilities that could be exploited through web requests or API interactions.
What you get
After the scan completes, DeepTraQ provides:
- Discovered web vulnerabilities and OWASP Top 10 risks
- Identified API security issues
- Severity-based risk prioritization
- AI-powered remediation guidance
- Endpoint and API discovery insights
These results help developers, DevOps teams, and security teams quickly detect and fix security issues in web applications and APIs.