Intruder
Intruder is a cloud-based vulnerability management platform that helps organizations continuously monitor their attack surface and proactively identify security weaknesses. It performs automated scanning of external and internal infrastructure, web applications, and APIs, checking against more than 140,000 infrastructure checks and 75+ application-layer checks. Intruder prioritizes vulnerabilities by actual risk, provides actionable remediation guidance, and integrates with CI/CD pipelines, Jira, and other tools to streamline the security workflow for development and security teams.

Power end-to-end data operations for your Intruder API with Nexla. Our bi-directional Intruder connector is purpose-built for Intruder, making it simple to ingest data, sync it across systems, and deliver it anywhere — all with no coding required. Nexla turns API-sourced data into ready-to-use, reusable data products and makes it easy to send data to Intruder or any other destination. With comprehensive monitoring, lineage tracking, and access controls, Nexla keeps your Intruder workflows fast, secure, and fully governed.
Features
Type: API
- Seamless API Integration: Connect to any endpoint as source or destination without coding, with automatic data product creation
- Visual Composition & Chaining: Build complex integrations using visual templates, chain API calls, and compose workflows with data validation and filtering
- API Proxy: Expose curated slices of your data securely with a secure and customizable API proxy that validates and transforms data on the fly
- Request optimization with intelligent batching, retry, and caching to minimize API calls and costs
Prerequisites
To connect Nexla to Intruder, you need an active Intruder account and a personal access token. Intruder uses OAuth 2.0 bearer token authentication—every API request must include your access token in the Authorization header. Tokens can be given a descriptive name and an optional expiry date, making them straightforward to manage and rotate.
Create an Intruder Access Token
-
Sign in to your Intruder account at app.intruder.io.
-
Click your account avatar or name in the top-right corner, then navigate to Account > Settings > My account.
-
Scroll to the API Access Tokens section of the My account page.
-
Click the Create Access Token button.
-
Enter a descriptive name for the token in the Name field. Use a name that identifies the purpose of the token, such as
Nexla Integration, so it is easy to identify later. -
Optionally, set an Expiry Date for the token. If you set an expiry date, the token will be automatically revoked on that date and Nexla will no longer be able to connect using it. Leave this field blank if you do not want the token to expire automatically.
-
Enter your account password when prompted and click OK to confirm.
-
Your new access token will be displayed on screen. Click the Copy button to copy the token to your clipboard.
Copy your access token immediately after it is generated. For security reasons, Intruder will not display the full token value again after you navigate away from this page. Store the token in a secure location such as a password manager.
For complete details on creating and managing API access tokens in Intruder, see the Creating API access tokens article in the Intruder Help Center and the Creating an access token guide in the Intruder Developer Hub.
Authenticate
Create a credential in Nexla
-
After selecting the data source/destination type, click the Add Credential tile to open the Add New Credential overlay.
-
Enter a name for the credential in the Credential Name field and a short, meaningful description in the Credential Description field.
-
Enter the Intruder access token you generated in Prerequisites into the Access Token field. Nexla uses this token as a Bearer token to authenticate all API requests to Intruder on your behalf.
The access token is transmitted securely and stored encrypted within Nexla. Treat your access token like a password—do not share it or include it in source code repositories.
-
Click the Save button at the bottom of the overlay. The newly added credential will now appear in a tile on the Authenticate screen during data source/destination creation.
Use as a data source
To create a new data flow, navigate to the Integrate section, and click the New Data Flow button. Select the Intruder connector tile, then select the credential that will be used to connect to the Intruder instance, and click Next; or, create a new Intruder credential for use in this flow.
Endpoint templates
Nexla provides pre-built templates that can be used to rapidly configure data sources to ingest data from common Intruder endpoints. Select the endpoint from which this source will fetch data from the Endpoint pulldown menu. Available endpoint templates are listed in the expandable boxes below.
Once the selected endpoint template has been configured, click the Test button to the right of the endpoint selection menu to retrieve a sample of the data that will be fetched. Sample data will be displayed in the Endpoint Test Result panel on the right, allowing you to verify that the source is configured correctly before saving.
Manual configuration
Intruder data sources can also be manually configured to ingest data from any valid Intruder API endpoint, including endpoints not covered by the pre-built templates, chained API calls, or custom request parameters. Select the Advanced tab at the top of the configuration screen, and follow the instructions in Connect to Any API to configure the API method, endpoint URL, date/time and lookup macros, path to data, metadata, and request headers.
The Intruder REST API primarily uses GET for retrieving data such as targets, issues, scans, and occurrences, and POST for creating resources or triggering actions such as starting a new scan. All Intruder API endpoints use the base URL https://api.intruder.io/v1/ followed by the resource path—for example, https://api.intruder.io/v1/targets, https://api.intruder.io/v1/issues, https://api.intruder.io/v1/scans, and https://api.intruder.io/v1/occurrences. You do not need to include the Authorization header in Request Headers—it is automatically added from your Intruder credential. For a complete list of available Intruder API endpoints, see the Intruder API Reference.
Once all of the relevant settings have been configured, click the Create button in the upper right corner of the screen to save and create the new Intruder data source. Nexla will now begin ingesting data from the configured endpoint and will organize any data that it finds into one or more Nexsets.