Adding paths via Import Files / API Definitions

You can add paths to your targets via import files or API definitions to guide the Aucnetix crawler. This is useful when there are parts of a site that are not linked to the main target. By specifying paths for the crawler to add to the scan, you can ensure that any unlinked pages and directories are scanned.

There are two options available to achieve this:

  • Import a file: Accepted file formats are listed at the end of this article.
  • Link a URL: Useful if the file is hosted so you can be sure the latest file is always used (e.g. API definitions hosted on the target’s URL or another URL).

NOTE: Import files/API definitions are applied to individual targets, and a target can have multiple files imported/linked URLs.

How to add import files/API definitions to a target

  1. Prepare the file(s)/URL(s) that you want to import to a target.
  2. Log in to Acunetix and go to the Targets page.
  3. Click on the target address that you want to import paths to. The Target Settings page will open.
  4. Scroll down to the Import Files / API Definitions section.
  5. Use your preferred option:
  1. Import a file: Click the upload icon in the Choose File field. Locate and select the file that you want to import to the target. Your file uploads automatically and is now listed in the Import Files /API Definitions section of the Target Settings.
  2. Link from a URL: Click Link From URL, enter the URL where your API definitions are hosted, and then select Link API definition. The URL is now listed in the Import Files /API Definitions section of the Target Settings.
  1. Click Save for your settings to take effect.

TIP: To remove an imported file or URL from a target, click the trash icon next to the item you have imported, then click Save.

Restricting scans to import files

When importing a file or linking a URL, you can also specify whether scans of the target should be restricted to only the paths contained in your imported or linked file(s).

  • ENABLED: If you enable Restrict scans to import files, then the crawler will add to the scan ONLY the paths listed in the import file, ignoring all other parts of the target.

  • DISABLED: If you disable Restrict scans to import files, then the crawler will crawl the target as usual and use the import file to add other paths listed in the import file, EVEN if no other part of the target links to them (orphaned folders/files).

Illustrative scenario

For example, if you create a target with the URL and use an import file containing the following data:


Then, depending on whether the option Restrict scans to import files is enabled or disabled, you will get the following behavior:

Restrict Option

Will crawl and scan

Will NOT crawl and scan



Accepted file formats

You can add paths to a target using output from the following tools:

  • Selenium IDE: Scripts used to automatically test web applications (.html and .side)
  • Telerik Fiddler: Session archives (.saz)
  • Burp: Saved items (.xml) and state files
  • HTTP Archives: Can be exported from various tools, including developer tools included with major browsers (.har)
  • Swagger 2.0 / 3.0: Used to describe RESTful APIs (.json, .yaml, and .yml files)
  • WSDL: Used to describe SOAP web services (.wsdl)
  • WADL: Used to describe restful APIs (.wadl)
  • ASP.NET Web Forms project files (.csproj and .vbproj)
  • Paros log files (
  • Postman collections v2 (.json)
  • GraphQL files (.graphql and .json)
  • Text files with lists of URLs (.txt)


« Back to the Acunetix Support Page