Integration with vulnerability scanner
Custom scan profile
Interactive mode (partially)
INTEGRATION WITH VULNERABILITY SCANNER:
Added the Nuclei tool as a separate pkg in the passive resources
Added the automatic check for Nuclei installation
Added the possibility to run Nuclei from a specific template path at runtime (flag -i)
Added the notification of Nuclei scans with the Discord and Slack web hook
Added the "previous run" check to be ready for future implementations (periodic scans)
Nuclei output file is in JSON -> WARNING: to parse the output file I used JQ, which does not automatically get installed while running. The software only check if it's present (if not, it abort the scan)
Nuclei integration supports the "Interactive mode", this is why I needed to implement a function in the main file to avoid cycle packaging with "passive.go"
CUSTOM SCAN PROFILE - INTERACTIVE MODE
Added the flag pkg, in which the check for the flag "-i" (interactive) is implemented
If the interactive flag is not provided, the tool will run automatically by reading from the config file, without asking any runtime input (just like in the current version of EasyEASM)
If the interactive flag is provided when running the tool (easyeasm -i), the tool will give the possibility to modify the config file at runtime:
Add domains to the target lists (automatic check if the domain provided is valid)
Add the Slack or Discord web hook
Change run type (fast or complete)
Change the number of threads
If the interactive flag is provided, it will be given the possibility to run the Nuclei scanner and also run it from a specific templates directory (if nothing is provided, it will run from the standard list)
Utilities added
GetInput() func to get and check each cmd line input
CheckJQ() func to check if Jq is installed
NotifiyVuln_() to send the parsed JSON output from Nuclei scans
ValidDomain() to check if the provided url at runtime is in a valid format
Targeted wanted from Contributing list:
INTEGRATION WITH VULNERABILITY SCANNER:
CUSTOM SCAN PROFILE - INTERACTIVE MODE
Added the flag pkg, in which the check for the flag "-i" (interactive) is implemented
If the interactive flag is not provided, the tool will run automatically by reading from the config file, without asking any runtime input (just like in the current version of EasyEASM)
If the interactive flag is provided when running the tool (easyeasm -i), the tool will give the possibility to modify the config file at runtime:
If the interactive flag is provided, it will be given the possibility to run the Nuclei scanner and also run it from a specific templates directory (if nothing is provided, it will run from the standard list)
Utilities added