A library used to connect to the Nexpose API
Latest commit 2c12ae0 Mar 20, 2015 @clee-r7 clee-r7 Merge pull request #5 from rapid7/feature/discovery-config-listing
Add the discovery config listing to the session api
Failed to load latest commit information.
src/main cleanup Mar 20, 2015
.gitignore Request a site's scan history Mar 17, 2015
LICENSE Update LICENSE Feb 23, 2012
README.md Request a site's scan history Mar 17, 2015
pom.xml Checked in pom file Mar 13, 2015


Nexpose JAVA API

This tool is made available to aid users in developing software that uses the Nexpose API.
This software is not officially supported by Rapid7 and is made available for the community without warranty


  • You must install the JAVA SDK to use this tool
  • It is highly recommended that you use and IDE (ie: Eclipse, IntelliJ ... etc) when working with these APIs


Use the following to assist in understanding the API's:


// Create a URL that points to your nexpose instance.
URL url = new URL("https://<nexpose_netaddress>:<nexpose_port>");

// Create a session object
// NOTE: APISupportedVersion.XXX V1_0("1.0"), V1_1("1.1"), V1_2("1.2") These correspond the API version  
APISession session = new APISession(url, "xml", APISupportedVersion.V1_2, <username>, <password>));

// Now login
Perform one or many operations:
// see org/rapid7/nexpose/api/APISession.java for a list of supported API operations.   
// Example: The following will print out all the asset groups and their associated risk
List<AssetGroupSummary> assetGroups = (List<AssetGroupSummary>)session.listAssetGroups(session.getSessionID(), null);
for (AssetGroupSummary assetGroup : assetGroups)
   System.out.println("Name: " + assetGroup.getName());
   System.out.println("Risk: " + assetGroup.getRiskScore());
session.logout(session.getSessionID(), null);


This tool comes with some examples located at: org/rapid7/nexpose/api/examples

To run an example from the command line:
  1. Compile normally: mvn install

  2. Run with options: java -cp target/classes <Class_Name_With_Package> <nexpose_netaddress> <port> <username> <password> <other options if needed>