Findings API

curl "https://api.hackerbot.io/v1/findings?severity=critical,high" \
  -H "Authorization: Bearer hb_live_xxxx"

{
  "id": "find_abc123",
  "scan_id": "scan_xyz789",
  "severity": "critical",
  "type": "sqli",
  "title": "SQL Injection in Login Endpoint",
  "description": "The login endpoint is vulnerable to SQL injection...",
  "url": "https://example.com/api/login",
  "method": "POST",
  "parameter": "username",
  "evidence": {
    "request": "POST /api/login HTTP/1.1...",
    "response": "HTTP/1.1 500 Internal Server Error...",
    "payload": "admin' OR '1'='1"
  },
  "cwe": "CWE-89",
  "owasp": "A03:2021",
  "cvss": 9.8,
  "remediation": "Use parameterized queries or prepared statements...",
  "references": [
    "https://owasp.org/www-community/attacks/SQL_Injection"
  ],
  "status": "open",
  "created_at": "2026-01-23T10:30:00Z"
}

curl -X PATCH https://api.hackerbot.io/v1/findings/find_abc123 \
  -H "Authorization: Bearer hb_live_xxxx" \
  -H "Content-Type: application/json" \
  -d '{
    "status": "resolved",
    "resolution_note": "Fixed in commit abc123"
  }'

# JSON export
curl "https://api.hackerbot.io/v1/findings/export?format=json&scan_id=scan_xyz789"

# CSV export
curl "https://api.hackerbot.io/v1/findings/export?format=csv"

# SARIF export (for IDE integration)
curl "https://api.hackerbot.io/v1/findings/export?format=sarif"