@sectester/scan
Advanced tools
The package defines a simple public API to manage scans and their expectations.
The package defines a simple public API to manage scans and their expectations.
npm i -s @sectester/scan
To start scanning your application, you have to create a ScanFactory as follows:
import { Configuration } from '@sectester/core';
import { ScanFactory } from '@sectester/scan';
const config = new Configuration({
hostname: 'app.neuralegion.com'
});
const scanFactory = new ScanFactory(config);
To create a new scan, you have to define a target first (for details, see here):
import { Target } from '@sectester/scan';
const target = new Target({
url: 'https://example.com'
});
The factory exposes the createScan method that returns a new Scan instance:
import { TestType } from '@sectester/scan';
const scan = await scanFactory.createScan({
target,
tests: [TestType.HEADER_SECURITY]
});
Below you will find a list of parameters that can be used to configure a Scan:
| Option | Description |
|---|---|
target | The target that will be attacked. For details, see here. |
tests | The list of tests to be performed against the target application. Learn more about tests |
repeaterId | Connects the scan to a Repeater agent, which provides secure access to local networks. |
smart | Minimize scan time by using automatic smart decisions regarding parameter skipping, detection phases, etc. Enabled by default. |
skipStaticParams | Use an advanced algorithm to automatically determine if a parameter has any effect on the target system's behavior when changed, and skip testing such static parameters. Enabled by default. |
poolSize | Sets the maximum concurrent requests for the scan, to control the load on your server. By default, 10. |
attackParamLocations | Defines which part of the request to attack. By default, body, query, and fragment. |
slowEpTimeout | Automatically validate entry-point response time before initiating the vulnerability testing, and reduce scan time by skipping any entry-points that take too long to respond. By default, 1000ms. |
targetTimeout | Measure timeout responses from the target application globally, and stop the scan if the target is unresponsive for longer than the specified time. By default, 5min. |
name | The scan name. The method and hostname by default, e.g. GET example.com. |
The target can accept the following options:
stringThe server URL that will be used for the request. Usually the url represents a WHATWG URL:
import { Target } from '@sectester/scan';
const target = new Target({
url: 'https://example.com'
});
If url contains a query string, they will be parsed as search params:
import { Target } from '@sectester/scan';
const target = new Target({
url: 'https://example.com?foo=bar'
});
console.log(target.queryString); // foo=bar
If you pass a query parameter, it will override these which obtained from url:
import { Target } from '@sectester/scan';
const target = new Target({
url: 'https://example.com?foo=bar',
query: '?bar=foo'
});
console.log(target.queryString); // bar=foo
string | HttpMethodThe request method to be used when making the request, GET by default:
import { Target, HttpMethod } from '@sectester/scan';
const target = new Target({
url: 'https://example.com',
method: HttpMethod.DELETE
});
string | URLSearchParams | Record<string, string | string[]>The query parameters to be sent with the request:
import { Target } from '@sectester/scan';
const target = new Target({
url: 'https://example.com',
query: {
hello: 'world',
foo: '123'
}
});
console.log(target.queryString); // hello=world&foo=123
If you need to pass an array, you can do it using a URLSearchParams instance:
import { Target } from '@sectester/scan';
const target = new Target({
url: 'https://example.com',
query: new URLSearchParams([
['key', 'a'],
['key', 'b']
])
});
console.log(target.queryString); // key=a&key=b
This will override the query string in url.
It is possible to define a custom serializer for query parameters:
import { Target } from '@sectester/scan';
import { stringify } from 'qs';
const target = new Target({
url: 'https://example.com',
query: { a: ['b', 'c', 'd'] },
serializeQuery(params: Record<string, string | string[]>): string {
return stringify(params);
}
});
console.log(target.queryString); // a[0]=b&a[1]=c&a[2]=d
Record<string, string | string[]>The HTTP headers to be sent:
import { Target } from '@sectester/scan';
const target = new Target({
url: 'https://example.com',
headers: {
'content-type': 'application/json'
}
});
unknownThe data to be sent as the request body. Makes sense only for POST, PUT, PATCH, and DELETE:
import { Target } from '@sectester/scan';
const target = new Target({
url: 'https://example.com',
body: {
foo: 'bar'
}
});
You can use FormData objects, such as form-data, as request body as well:
import { Target } from '@sectester/scan';
import FormData from 'form-data';
const form = new FormData();
form.append('greeting', 'Hello, world!');
const target = new Target({
url: 'https://example.com',
body: form
});
It is possible to set a form as body using an instance of URLSearchParams:
import { Target } from '@sectester/scan';
const target = new Target({
url: 'https://example.com',
body: new URLSearchParams('foo=bar')
});
The Scan provides a lightweight API to revise and control the status of test execution.
For instance, to get a list of found issues, you can use the issues method:
const issues = await scan.issues();
To wait for certain conditions you can use the expect method:
await scan.expect(Severity.HIGH);
const issues = await scan.issues();
It returns control as soon as a scan is done, timeout is gone, or an expectation is satisfied.
You can also define a custom expectation passing a function that accepts an instance of Scan as follows:
await scan.expect((scan: Scan) => scan.done);
It might return a Promise instance as well:
await scan.expect(async (scan: Scan) => {
const issues = await scan.issues();
return issues.length > 3;
});
You can use the status method to obtain scan status, to ensure that the scan is done and nothing prevents the user to check for issues, or for other reasons:
for await (const state of scan.status()) {
// your code
}
This
for...ofwill work while a scan is active.
To stop scan, use the stop method:
await scan.stop();
To dispose a scan, you just need to call the dispose method:
await scan.dispose();
Copyright © 2024 Bright Security.
This project is licensed under the MIT License - see the LICENSE file for details.
FAQs
The package defines a simple public API to manage scans and their expectations.
The npm package @sectester/scan receives a total of 345 weekly downloads. As such, @sectester/scan popularity was classified as not popular.
We found that @sectester/scan demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.