Vulnerability scanner integration (Nuclei) - Runtime config #16

Open
wants to merge 7 commits into
base: main

@Zedel17 Zedel17 commented Mar 20, 2024

Targeted wanted from Contributing list:

  • Integration with vulnerability scanner
  • Custom scan profile
  • Interactive mode (partially)

INTEGRATION WITH VULNERABILITY SCANNER:

  • Added the Nuclei tool as a separate pkg in the passive resources
  • Added the automatic check for Nuclei installation
  • Added the possibility to run Nuclei from a specific template path at runtime (flag -i)
  • Added the notification of Nuclei scans with the Discord and Slack web hook
  • Added the "previous run" check to be ready for future implementations (periodic scans)
  • Nuclei output file is in JSON -> WARNING: to parse the output file I used JQ, which does not automatically get installed while running. The software only checks if it's present (if not, it aborts the scan)
  • Nuclei integration supports the "Interactive mode", this is why I needed to implement a function in the main file to avoid cycle packaging with "passive.go"

CUSTOM SCAN PROFILE - INTERACTIVE MODE

  • Added the flag pkg, in which the check for the flag "-i" (interactive) is implemented

  • If the interactive flag is not provided, the tool will run automatically by reading from the config file, without asking any runtime input (just like in the current version of EasyEASM)

  • If the interactive flag is provided when running the tool (easyeasm -i), the tool will give the possibility to modify the config file at runtime:

    • Add domains to the target lists (automatic check if the domain provided is valid)
    • Add the Slack or Discord web hook
    • Change run type (fast or complete)
    • Change the number of threads
  • If the interactive flag is provided, it will be given the possibility to run the Nuclei scanner and also run it from a specific templates directory (if nothing is provided, it will run from the standard list)

Utilities added

  • GetInput() func to get and check each cmd line input
  • CheckJQ() func to check if Jq is installed
  • NotifiyVuln_() to send the parsed JSON output from Nuclei scans
  • ValidDomain() to check if the provided url at runtime is in a valid format

Added the flags pkg
Added flag 'i' to config parser to run interactive mode
Added the PromptNucleiFunc to main (because of pkg struct)
Added interactive mode for nuclei scan
Added valid check for domains added at runtime
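
An added example, not code from this pull request: one way to read Nuclei results with Go's `encoding/json` instead of shelling out to jq, which removes the external dependency the description warns about. It assumes the results file holds one JSON object per line with Nuclei's `template-id`, `info` and `matched-at` fields; `ParseFindings`, `Summary` and the sample input are hypothetical names and constructed data.

```go
package main

import (
	"bufio"
	"encoding/json"
	"fmt"
	"io"
	"strings"
)

// Finding holds the fields of one Nuclei result that a notification needs.
type Finding struct {
	TemplateID string `json:"template-id"`
	MatchedAt  string `json:"matched-at"`
	Info       struct {
		Name     string `json:"name"`
		Severity string `json:"severity"`
	} `json:"info"`
}

// ParseFindings reads JSON Lines; malformed lines are counted, not fatal.
func ParseFindings(r io.Reader) (findings []Finding, skipped int, err error) {
	sc := bufio.NewScanner(r)
	sc.Buffer(make([]byte, 0, 64*1024), 8*1024*1024) // default 64 KiB line limit is too small
	for sc.Scan() {
		var f Finding
		line := strings.TrimSpace(sc.Text())
		if err := json.Unmarshal([]byte(line), &f); err == nil && f.TemplateID != "" {
			findings = append(findings, f)
		} else if line != "" {
			skipped++ // not a result object; blank lines are ignored silently
		}
	}
	return findings, skipped, sc.Err()
}

// Summary renders one finding; %q escapes control characters in target-derived text.
func Summary(f Finding) string {
	return fmt.Sprintf("[%s] %q (%s) at %q", strings.ToUpper(f.Info.Severity), f.Info.Name, f.TemplateID, f.MatchedAt)
}

// sample is constructed for this example, not real scan output.
const sample = `{"template-id":"example-template","info":{"name":"Example Finding","severity":"high"},"matched-at":"https://app.example.com/login"}` + "\nnot-json\n\n"

func main() {
	fs, skipped, _ := ParseFindings(strings.NewReader(sample))
	for _, f := range fs {
		fmt.Println(Summary(f))
	}
	fmt.Println("skipped:", skipped)
}
```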