dast

package
v0.9.2 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Apr 30, 2024 License: MIT Imports: 14 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func RunDASTScan added in v0.7.2

// RunDASTScan takes the scan options in dast, an API client and a log level,
// and reports failure through the returned error.
//
// NOTE(review): only the signature is visible on this page. Presumably this is
// the entry point that chooses between a hosted scan and a local one based on
// dast.Local; confirm against the implementation.
// NOTE(review): dast.AuthHeaders holds credentials for the target API; verify
// that no logLevel setting causes them to be written to logs.
func RunDASTScan(ctx context.Context, dast *DAST, nullifyClient *client.NullifyClient, logLevel string) error

func RunLocalScan added in v0.7.2

// RunLocalScan takes a prepared scan input plus container options and reports
// failure through the returned error.
//
// imageLabel, forcePullImage and useHostNetwork carry the same names as the
// DAST options --image-label, --force-pull and --use-host-network.
//
// NOTE(review): only the signature is visible on this page. Presumably the
// scan runs in a Docker container started on the caller's machine; confirm
// against the implementation.
// NOTE(review): input.AuthConfig likely contains credentials for the target;
// verify they are not logged and are passed to the container by a channel that
// does not expose them in process listings.
func RunLocalScan(
	ctx context.Context,
	nullifyClient *client.NullifyClient,
	githubOwner string,
	githubRepository string,
	input *DASTExternalScanInput,
	imageLabel string,
	forcePullImage bool,
	useHostNetwork bool,
	logLevel string,
) error

Types

type DAST added in v0.4.0

// DAST holds the command-line options for a DAST scan. The `arg` tag on each
// field names its flag and the `help` tag carries its usage text.
//
// NOTE(review): the code that consumes these fields is not shown on this page;
// the security notes below describe the general implications of each option
// and should be confirmed against the implementation.
type DAST struct {
	AppName     string   `arg:"--app-name" help:"The unique name of the app to be scanned, you can set this to anything e.g. Core API"`
	Path        string   `arg:"--spec-path" help:"The file path to the OpenAPI file (both yaml and json are supported) e.g. ./openapi.yaml"`
	TargetHost  string   `arg:"--target-host" help:"The base URL of the API to be scanned e.g. https://api.nullify.ai"`
	// AuthHeaders carries credentials for the target API. Values given as
	// command-line flags are typically visible in shell history, process
	// listings and CI job logs, so prefer short-lived, least-privilege tokens
	// and keep these values out of log output.
	AuthHeaders []string `arg:"--header" help:"List of headers for the DAST agent to authenticate with your API"`

	// Where the findings dashboard is created (per the help text).
	GitHubOwner      string `arg:"--github-owner" help:"The GitHub username or organisation"`
	GitHubRepository string `arg:"--github-repo" help:"The repository name to create the Nullify issue dashboard in e.g. cli"`

	// Local scan settings. The help texts refer to a Docker image, so a local
	// scan presumably runs the scanner in a container on this machine.
	Local          bool   `arg:"--local" help:"Test the given app locally for bugs and vulnerabilities in private networks"`
	// The default "latest" is a mutable tag: the image that runs can change
	// between scans. Pin an explicit version for reproducible, reviewable runs.
	ImageLabel     string `arg:"--image-label" default:"latest" help:"Version of the DAST local image that is used for scanning"`
	ForcePullImage bool   `arg:"--force-pull" help:"Force a docker pull of the latest version of the DAST local image"`
	// With Docker host networking a container shares the host's network
	// namespace, including loopback-only services, so network isolation from
	// the host is lost. Enable only when the target cannot be reached otherwise.
	UseHostNetwork bool   `arg:"--use-host-network" help:"Use the host network for the DAST local scan"`
}

type DASTExternalScanInput added in v0.7.0

// DASTExternalScanInput is the JSON-serialisable description of one scan: the
// app name, the target host, the OpenAPI document and the auth configuration.
//
// NOTE(review): AuthConfig is a project type not shown here; it presumably
// holds the authentication headers for the target. If so, the marshalled form
// of this struct contains secrets and should not be logged or persisted in
// plaintext.
type DASTExternalScanInput struct {
	AppName     string                 `json:"appName"`
	TargetHost  string                 `json:"targetHost"`
	// The OpenAPI document as a generic decoded object rather than a typed
	// schema, so its structure is not validated by this type.
	OpenAPISpec map[string]interface{} `json:"openAPISpec"`
	AuthConfig  models.AuthConfig      `json:"authConfig"`
}

type DASTExternalScanOutput added in v0.7.0

// DASTExternalScanOutput is the JSON result of a scan: a list of findings.
type DASTExternalScanOutput struct {
	// No omitempty: a nil slice is encoded as JSON null, an empty one as [].
	Findings []models.DASTFinding `json:"findings"`
}

type DockerPullOutput added in v0.8.0

// DockerPullOutput mirrors one JSON message with status, id and progressDetail
// keys.
//
// NOTE(review): the field names match the progress messages the Docker Engine
// streams during an image pull; confirm that this is what gets decoded into it.
type DockerPullOutput struct {
	Status         string                    `json:"status"`
	ID             string                    `json:"id"`
	// Pointer field: stays nil when the message has no progressDetail key
	// (or the key is null), so check for nil before dereferencing.
	ProgressDetail *DockerPullProgressDetail `json:"progressDetail"`
}

type DockerPullProgressDetail added in v0.8.0

// DockerPullProgressDetail holds the current and total counters of a pull
// progress message.
//
// NOTE(review): presumably byte counts for a single layer; confirm.
// NOTE(review): int is 32 bits wide on 32-bit platforms, where a value above
// 2 GiB makes encoding/json return an error instead of decoding. int64 would
// avoid that.
type DockerPullProgressDetail struct {
	Current int `json:"current"`
	Total   int `json:"total"`
}
