Targets

Targets are the resources that NightVision scans. There are two types of targets - Web Targets and API Targets.

Web Targets (Portal)

Create Web Targets (Portal)

To create a Web Target in the portal:

Navigate to https://app.nightvision.net
Click on Targets in the left sidebar.

How to find Targets.

Click on the New Target button on the right.

Create a new target.

In the Add New Target form, paste the following URL: http://testphp.vulnweb.com. Then click Next.

Add a URL for each new target you want to create.

Note: You can provide multiple URLs if you want - just make sure there is one per line.

In Step 2, modify the Target name if you would like to change it - or keep the default derived value. Then click on Create Target.

Each target must have a unique name within the project.

You can now see that the Target was created by viewing the list of Targets.

The target was created.

Web Targets (CLI)

Create Web Targets (CLI)

You can also create web targets via the CLI.

# Usage:
# nightvision target create [name] [url] [flags]

nightvision create testphp http://testphp.vulnweb.com --type WEB

API Targets (Portal)

Create API Targets (Portal)

To create an API target in the web portal:

Navigate to https://app.nightvision.net.
Click on Targets in the left sidebar.

How to find Targets.

Click on the New Target button on the right.

Create a new target.

In the Add New Target form, select “API Target” and enter the following details, then click Create Target:
1. Target Name: nv-firing-range
2. Base URL: https://javaspringvulny.nvtest.io:9000/
3. OpenAPI URL: [\<https://javaspringvulnyopenapispec.fra1.cdn.digitaloceanspaces.com/openapi-spec.json](https://javaspringvulnyopenapispec.fra1.cdn.digitaloceanspaces.com/openapi-spec.json)

The Add New Target form. Upload an OpenAPI file to create an API Target.

API Targets (CLI)

Create API Targets with a Public OpenAPI file (CLI)

If the OpenAPI file is available on the public internet, you can create targets via the CLI and specify the URL where the OpenAPI file can be downloaded:

# Option 1: Create the target without an OpenAPI specification (attach it later)
nightvision target create nv-firing-range-public https://javaspringvulny.nvtest.io:9000/ --type API

# Option 2: Create the target and attach an OpenAPI specification
nightvision target create nv-firing-range-public \
  --swagger-url https://javaspringvulnyopenapispec.fra1.cdn.digitaloceanspaces.com/openapi-spec.json \
  --type API

Create API Targets and Upload a OpenAPI file (CLI)

You can create an API Target and specify the OpenAPI file at creation time, instead of attaching the OpenAPI specification later.

# Option 1: Create the target without an OpenAPI specification (attach it later)
nightvision target create broken-flask-api http://localhost:4000 --type API

# Option 2: Create the target and attach an OpenAPI specification
nightvision target create broken-flask-api \
  --swagger-file openapi-spec.yml  --type API

Upload OpenAPI Files to an Existing Target (CLI)

If you have an existing OpenAPI file, you can update the target:

nightvision target update broken-flask-api \
  --swagger-file openapi-spec.yml

Use API Discovery for a Target (CLI)

If you’ve updated your code or want to rely on NightVision’s API Discovery feature, you can update the API Documentation by appending --target to your swagger extract command:

nightvision swagger extract . --target broken-flask-api --lang python

If you want to create an OpenAPI file without uploading it to the target, you can append the --no-upload flag:

nightvision swagger extract . --lang python --no-upload

If you have an existing OpenAPI file, you can use that instead:

nightvision target update broken-flask-api \
  --swagger-file openapi-spec.yml