Skip to content

A script to fire a Netsparker scan and periodically poll its progress, and report severity via the Netsparker API

Notifications You must be signed in to change notification settings

EmpireErwinKooi/netsparker-scan

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
 
 
 
 
 
 

Repository files navigation

Netsparker Scanner

This script is meant to be used to fire a Netsparker scan and periodically poll its progress. When completed, it reports back to the user depending on a defined severity threshold. If the script fails due to severity threshold, it will return an error code of 2, otherwise it will return 1 for general failures. The script operates under the following assumptions:

  • A website object has already been created for the target CI server.
  • A scan profile has already been created for the target website object.
  • The user has an API UserID and Password.
usage: ns_scan.py [-h] --ns-userid USERID --ns-password PASSWORD --ns-uri URI
                  --scan-name PROFILENAME --website-name WEBNAME
                  [--poll-interval POLLINTERVAL]
                  [--severity-threshold SEVTHRESHOLD]
Start a scan in Netsparker and continuously poll for a success or failure
state, subsequently succeed or fail based on a severity threshold.

  -h, --help            show this help message and exit
  --ns-userid USERID, -u USERID
                        The NS API User ID
  --ns-password PASSWORD, -p PASSWORD
                        The NS API Password
  --ns-uri URI, -n URI  The NS API domain/root API endpoint uri.
  --scan-name PROFILENAME, -s PROFILENAME
                        The NS Scan profile name to scan the website with.
                        Case Sensitive.
  --website-name WEBNAME, -w WEBNAME
                        The NS Website name. Case Sensitive.
(OPTIONAL)  --poll-interval POLLINTERVAL, -i POLLINTERVAL
                        The rate at which to poll the API for scan results, in
                        seconds.
(OPTIONAL)  --severity-threshold SEVTHRESHOLD, -t SEVTHRESHOLD
                        The severity at which to fail a scan. 0=info, 1=low,
                        2=med, 3=high, 4=critical

Example 1

Firing a basic scan: ns_scan.py -u 82gf84hs949fhse934shef9w349hefsh -p SAIxI93Xkwos90whXoqjrt+923uH= -n netsparkercloud.com/api/1.0 -s Profile1 -w Website1

Example 2

Setting a custom Poll Interval ns_scan.py -u 82gf84hs949fhse934shef9w349hefsh -p SAIxI93Xkwos90whXoqjrt+923uH= -n netsparkercloud.com/api/1.0 -s Profile1 -w Website1 -i 7 -t 2

About

A script to fire a Netsparker scan and periodically poll its progress, and report severity via the Netsparker API

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • Python 100.0%