HTTP Requests: Full Transparency & Control
Unlike traditional "black box" scanners that leave you guessing, Deflectra gives you a front-row seat to the security testing process.
Why This Matters
When Deflectra performs a DAST scan, it's not just checking boxes, it's actively engaging with your application. The HTTP Requests tab logs every single interaction, giving you:
- Real-time Monitoring: Watch the scan unfold live. See exactly what payloads are being sent and how your application responds.
- Debugging Power: Encountered a false positive? Want to understand why a vulnerability was flagged? Analyze the raw request and response headers and bodies.
- Security Verification: Validate that your security patches are working by inspecting the actual traffic and confirming the scanner's attempts are blocked.
Key Features
1. Granular Inspection
Click on any log entry to expand it. You'll see the full HTTP Request (headers, method, payload) and the HTTP Response (status code, headers, body). This level of detail is essential for developers and security engineers alike.
You can also edit the request and send it again to see how your application responds or if it is still vulnerable.
2. Advanced Filtering
Use the filters to find exactly what you need:
- By Endpoint: Filter requests associated with specific endpoints.
- By Status Code: Quickly isolate 4xx or 5xx errors.
- By Method: Focus on POST, PUT, or DELETE requests.
3. Export (Premium)
Export the logs for offline analysis or include them in your compliance reports.
Resend Request: Verify & Validate
The resend request button allows you to modify and replay any captured HTTP request directly from the dashboard.
Interactive Verification
- Edit Everything: Modify the method, headers, params, and body payload.
- Real-Time Feedback: Send the request and see the server's response instantly.
- Verify Fixes: Immediately test if a vulnerability has been patched by replaying the attack vector against your updated code.
