Security Scanner Plugins
Each plugin lives in its own package in a separate directory.
List of available plugins:
Blacklist
Checks whether the domain appears on global blacklists. Supports Google Safe Browsing, Bitdefender, ESET Online Scanner and Kaspersky.
Configuration keys:
- google_api_key - API Key required for Google Safe Browsing. Get started.
- virustotal_api_key - API Key required for VirusTotal. Get started.
Files
Checks whether sensitive files (.git and .svn metadata, .htaccess) are publicly accessible.
Checks the status of security headers in the server response.
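The two checks above boil down to a handful of HTTP requests. The following stand-alone Go program is an added example for this README, not the project's own Files plugin: it probes a constructed list of paths (/.git/HEAD, /.svn/entries, /.htaccess), inspects the front page for a constructed list of security headers, and handles two practical pitfalls: a server that redirects every unknown path to a login page (so redirects are not followed), and a "soft 404" that answers 200 for anything (so /.git/HEAD is only reported when the body actually looks like a git HEAD file, and status-only probes are skipped when the baseline request succeeds).

```go
package main

import (
	"io"
	"net/http"
	"strings"
	"time"
)

// sensitivePath is a path to probe plus an optional content marker. The marker
// separates a real exposure from a "soft 404" page that answers 200 to every
// path; an empty marker means only the status code is checked.
type sensitivePath struct {
	path, marker string
}

// Constructed probe list for this example, not the project's own list.
var sensitivePaths = []sensitivePath{
	{"/.git/HEAD", "ref:"},
	{"/.svn/entries", ""},
	{"/.htaccess", ""},
}

// Response headers a hardened site is expected to send (constructed list).
var securityHeaders = []string{
	"Strict-Transport-Security",
	"Content-Security-Policy",
	"X-Content-Type-Options",
	"X-Frame-Options",
}

// FilesResult lists exposed paths, missing headers and whether the server
// has a soft 404 (which makes status-only probes inconclusive).
type FilesResult struct {
	Exposed        []string
	MissingHeaders []string
	SoftNotFound   bool
}

// NewProbeClient does not follow redirects: a 302 to a login page must not be
// mistaken for a readable file.
func NewProbeClient() *http.Client {
	return &http.Client{
		Timeout: 10 * time.Second,
		CheckRedirect: func(*http.Request, []*http.Request) error {
			return http.ErrUseLastResponse
		},
	}
}

// fetch returns status, headers and the first 4 KiB of the body.
func fetch(c *http.Client, u string) (int, http.Header, string, error) {
	resp, err := c.Get(u)
	if err != nil {
		return 0, nil, "", err
	}
	defer resp.Body.Close()
	body, _ := io.ReadAll(io.LimitReader(resp.Body, 4096))
	return resp.StatusCode, resp.Header, string(body), nil
}

// CheckFiles probes base (scheme://host) for exposed VCS metadata and
// .htaccess, then checks security headers on the front page.
func CheckFiles(c *http.Client, base string) (FilesResult, error) {
	var res FilesResult
	base = strings.TrimRight(base, "/")

	// Baseline request for a path that cannot exist; 200 means soft 404.
	status, _, _, err := fetch(c, base+"/securityscanner-probe-does-not-exist")
	if err != nil {
		return res, err
	}
	res.SoftNotFound = status == http.StatusOK

	for _, sp := range sensitivePaths {
		status, _, body, err := fetch(c, base+sp.path)
		if err != nil {
			return res, err
		}
		if status != http.StatusOK {
			continue
		}
		if (sp.marker != "" && strings.Contains(body, sp.marker)) || (sp.marker == "" && !res.SoftNotFound) {
			res.Exposed = append(res.Exposed, sp.path)
		}
	}

	_, hdr, _, err := fetch(c, base+"/")
	if err != nil {
		return res, err
	}
	for _, h := range securityHeaders {
		if hdr.Get(h) == "" {
			res.MissingHeaders = append(res.MissingHeaders, h)
		}
	}
	return res, nil
}
```

Usage: `res, err := CheckFiles(NewProbeClient(), "https://example.com")`; `res.Exposed` holds the paths that answered with readable content, `res.MissingHeaders` the headers absent from the front page, and `res.SoftNotFound` flags that the marker-less probes were skipped because the server answers 200 for everything.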
Https
Checks the security of the TLS/SSL configuration.
Requires Docker to be installed.
IP
Retrieves data based on the domain's IP address.
Requires the MaxMind GeoIP database; run .\securityscanner\plugins\ip\geoip\get.sh to download it.
Configuration keys:
- geo_path - location of GeoIP Database
PageSpeed
Retrieves page speed data from Google PageSpeed Insights.
Configuration keys:
- google_api_key - API Key required for Google PageSpeed Tools. Get started.
Ports
Checks which ports are open on the target host.
Waf
Sends requests shaped like common attacks (XSS, SQL injection, executing commands on the host operating system) and checks how the site responds.
This plugin only checks whether the website accepts such requests, i.e. whether it is not protected by a Web Application Firewall (WAF). It does not check for the vulnerabilities themselves.
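As an added example (not the project's own Waf plugin), the following stand-alone Go code shows that distinction in practice: it sends a constructed set of attack-shaped payloads in a query parameter and classifies each as "blocked" (the server rejected the request outright with a status code a WAF typically uses), "allowed" (the request reached the application) or "error" (the connection failed, which some WAFs also do). "allowed" says nothing about whether the application is actually injectable; the status-code list and the payloads are assumptions made for this example.

```go
package main

import (
	"net/http"
	"net/url"
	"time"
)

// probe is one attack-shaped request. The payloads are constructed for this
// example and deliberately simple; they are not the project's own list.
type probe struct {
	name, payload string
}

var probes = []probe{
	{"xss", `<script>alert(1)</script>`},
	{"sqli", `' OR '1'='1`},
	{"cmdi", `;cat /etc/passwd`},
}

// WafResult maps a probe name to "blocked", "allowed" or "error".
type WafResult map[string]string

// blockedStatus covers responses a WAF typically returns when it rejects a
// request outright. Caveat: a WAF that serves a 200 block page is not
// detected by status code alone.
func blockedStatus(code int) bool {
	switch code {
	case http.StatusForbidden, http.StatusNotAcceptable, http.StatusTooManyRequests:
		return true
	}
	return false
}

// NewWafClient is a plain client with a timeout; redirects are followed
// because some WAFs answer a block with a redirect to an error page.
func NewWafClient() *http.Client {
	return &http.Client{Timeout: 10 * time.Second}
}

// CheckWaf sends each payload in query parameter param to target and reports
// whether the server accepted the request. "allowed" means the request
// reached the application; it says nothing about whether it is vulnerable.
func CheckWaf(c *http.Client, target, param string) (WafResult, error) {
	u, err := url.Parse(target)
	if err != nil {
		return nil, err
	}
	res := WafResult{}
	for _, p := range probes {
		q := u.Query()
		q.Set(param, p.payload)
		u.RawQuery = q.Encode()
		resp, err := c.Get(u.String())
		if err != nil {
			// A dropped connection can also be a WAF reaction; record it
			// separately rather than guessing.
			res[p.name] = "error"
			continue
		}
		resp.Body.Close()
		if blockedStatus(resp.StatusCode) {
			res[p.name] = "blocked"
		} else {
			res[p.name] = "allowed"
		}
	}
	return res, nil
}
```

Usage: `res, err := CheckWaf(NewWafClient(), "https://example.com/search", "q")`; a result of `map[cmdi:allowed sqli:allowed xss:blocked]` means only the script-tag payload was rejected before reaching the application.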
Wappalyzer
Based on AliasIO/Wappalyzer; uncovers the technologies used on the website.
Requires Docker to be installed.
Requires the Docker image wappalyzer\grey_wizard to be built. Run:
sh .\securityscanner\plugins\wappalyzer\Dockerfile\build.sh
Skeleton of a new plugin:
package sample

import (
	"github.com/greywizard/securityscanner/securityscanner"
)

// SamplePlugin embeds the base Plugin type, which supplies the shared
// behaviour (such as Validate) that every plugin relies on.
type SamplePlugin struct {
	securityscanner.Plugin
}

// Code is the short identifier of the plugin; here it is the same as its name.
func (s *SamplePlugin) Code() string {
	return s.Name()
}

// Name is the human-readable plugin name.
func (s *SamplePlugin) Name() string {
	return "Sample"
}

// Info returns static metadata about the plugin (empty for the sample).
func (s *SamplePlugin) Info() map[string]interface{} {
	return map[string]interface{}{}
}

// Scan runs the check and returns its results as a map.
func (s *SamplePlugin) Scan() (map[string]interface{}, error) {
	s.Validate()
	value := map[string]interface{}{
		"ok": "true",
	}
	return value, nil
}