Skip to content


Create findings in your pentest report by JSON or TOML.


cat finding.json | reptor finding

Sample finding

Upload one finding by using the following structures.
Use a list to upload multiple findings.

JSON finding structure
  "status": "in-progress",
  "data": {
    "cvss": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N",
    "title": "Reflected XSS",
    "summary": "We detected a reflected XSS vulnerability.",
    "references": [
    "description": "The impact was heavy.",
    "recommendation": "HTML encode user-supplied inputs.",
    "affected_components": [
TOML finding structure
status = "in-progress"

cvss = "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N"
title = "Reflected XSS"
summary = "We detected a reflected XSS vulnerability."
references = [ "",]
description = "The impact was heavy."
recommendation = "HTML encode user-supplied inputs."
affected_components = [ "", "",]


usage: reptor finding [-h]

Uploads findings from JSON or TOML

optional arguments:
  -h, --help  show this help message and exit