Skip to content

nwestfall/netsparkerscanrunner

Use this GitHub action with your project
Add this Action to an existing workflow or create a new one
View on Marketplace
BranchesTags

Repository files navigation

Netsparker Scan Runner

npm version

Quickly and easily run a Netsparker Scan using your Netsparker Cloud Account.

Requirements

You have a Netsparker Cloud account.

Features

Using the Netsparker Cloud API, run a scan using a profile against a url. You can then either make it "fire-and-forget" or report back either in the console or jUnit.

Install

npm install -g netsparker-scan-runner

How to Use (Runner)

netsparker-scan-runner --help

Netsparker Scan Runner Run a scan against your Netsparker Cloud instance using a configured profile. Can optionally wait for the report. Options --userid userid The user id from your Netsparker Account --apitoken apitoken The api token from your Netsparker Account --profilename profilename The profile name saved in your Netsparker Account --targetsite The target url you want to run against --report If you want to wait around for the report (true) or to file and forget (false) --junit If you want to generate a junit report, enter the file name and location here --help Print this usage guide

netsparker-scan-runner -u userid -t apitoken -p ProfileName -s https://example.com/ -j path/to/junit/report.xml

And that's it. Super simple. Super easy.

How to Use (GitHub Action)

The same runner will work as a github action.

- name: Netsparker Scan id: netsparker uses: nwestfall/netsparkerscanrunner@main with: userid: ${{ secrets.NETSPARKER_USER_ID }} apitoken: ${{ secrets.NETSPARKER_API_TOKEN }} profilename: ${{ secrets.NETSPARKER_PROFILE_NAME }} targetsite: ${{ secrets.NETSPARKER_TARGET_SITE }} junit: tests.xml criticalthreshold: 0 #this means 1 more highthreshold: 2 mediumthreshold: 4

Spec

Environment variables

  • None

Inputs

  • userid (required) - The user id from your Netsparker Account
  • apitoken (required) - The api token from your Netsparker Account
  • profilename (required) - The profile name saved in your Netsparker Account
  • targetsite (required) - The target url you want to run against
  • report (default: true) - If you want to wait around for the report (true) or to fire and forget (false)
  • junit - If you want to generate a junit report, enter the file name and location here
  • criticalthreshold - Critical Severity Threshold
  • highthreshold - High Severity Threshold
  • mediumthreshold - Medium Severity Threshold

Outputs

  • scanresults - Scan results from Netsparker (blank if report is false)
  • scanreport - Scan report from Netsparker (blank if report is false)

About

Quickly and easily a Netsparker Scan using your Netsparker Cloud Account

Topics

security node scan netsparker

Resources

Readme

License

View license
Activity

Stars

4 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases 5

v0.1.9 Latest
Feb 16, 2021
+ 4 releases

Packages

No packages published

Contributors 2

  •  
  •  

Languages