Quickstart

Get xa-v running in 5 minutes.

Install

npm install -g xa-v

Or run directly:

npx xa-v scan ./openapi.yaml

Scan Your First API

Point xa-v at an OpenAPI spec:

xa-v scan ./openapi.yaml

Or scan a running API directly:

xa-v scan https://api.example.com

View Results

Results are printed to your terminal:

┌─ Scanning API...
│ ✓ API discovered (47 endpoints)
│ 🔍 Running OWASP Top 10 checks
│ ────────────────────────────────
│ ✗ BOLA — GET /users/:id
│ → Missing authorization
│ ! Rate limit — POST /checkout
│ → No rate limiting configured
│ ────────────────────────────────
│ ✓ 3 vulnerabilities found. 0 false positives.
└────────────────────────────────

For a detailed report, view results in your dashboard.

Next Steps