konklone
commented
6 years ago A scan that used this branch is published at:
https://pulse.cio.gov/https/domains/
However, the a11y and phantomas executables (and the node binary they use) are still not set up for cron-based execution (the path to node cannot be found, as the phantomas executable is a script referencing /usr/bin/env node, which is not defined in cron's environment).
So, they do run locally as expected, even intermingled with Lambda-based scanners, but the output isn't suitable for staging, where those datasets are used. However, this has been the status quo since before this PR.
This enables
--lambdamode forpshttandsslyzescans in production. It relies on the--lambda-profileflag recently added to domain-scan, to use a separate AWS named profile from the one used to speak to the cloud.gov S3 bucket.It also documents the use of the Rapid7 Reverse DNS data source for subdomains.