From 0795e848d3ddd66f42a4ca23697e8802d5f77d35 Mon Sep 17 00:00:00 2001 From: Ads Dawson <104169244+GangGreenTemperTatum@users.noreply.github.com> Date: Mon, 25 Nov 2024 08:17:43 -0500 Subject: [PATCH 1/3] feat: zscan example --- .../web-exploitation/zscan.Dockerfile | 35 ++++++++++++ .../offensive/web-exploitation/zscan.yml | 57 +++++++++++++++++++ 2 files changed, 92 insertions(+) create mode 100644 cybersecurity/offensive/web-exploitation/zscan.Dockerfile create mode 100644 cybersecurity/offensive/web-exploitation/zscan.yml diff --git a/cybersecurity/offensive/web-exploitation/zscan.Dockerfile b/cybersecurity/offensive/web-exploitation/zscan.Dockerfile new file mode 100644 index 0000000..c276ece --- /dev/null +++ b/cybersecurity/offensive/web-exploitation/zscan.Dockerfile @@ -0,0 +1,35 @@ +# Git clone stage +FROM alpine:latest AS source +RUN apk add --no-cache git +WORKDIR /src +RUN git clone https://github.com/zcyberseclab/zscan.git . || exit 1 + +# Build stage - update Go version +FROM golang:1.23.2-alpine AS builder +WORKDIR /build +COPY --from=source /src . + +# Set Go build flags +ENV CGO_ENABLED=0 \ + GOOS=linux \ + GOARCH=amd64 \ + GO111MODULE=on + +# Build optimized binary +RUN go mod download && \ + go build -ldflags="-w -s" -o zscan cmd/main.go + +# Final stage +FROM gcr.io/distroless/static-debian12:nonroot +WORKDIR /app + +# Copy only necessary artifacts +COPY --from=builder /build/zscan /app/ +COPY --from=builder /build/config /app/config +COPY --from=builder /build/templates /app/templates + +# Container configuration +USER nonroot:nonroot +EXPOSE 8080 + +ENTRYPOINT ["/app/zscan"] \ No newline at end of file diff --git a/cybersecurity/offensive/web-exploitation/zscan.yml b/cybersecurity/offensive/web-exploitation/zscan.yml new file mode 100644 index 0000000..435ff37 --- /dev/null +++ b/cybersecurity/offensive/web-exploitation/zscan.yml @@ -0,0 +1,57 @@ +description: > + Zscan is a security scanning tool built in Go that provides network exploration + and vulnerability assessment capabilities. It combines multiple security tools + and techniques into a single interface for comprehensive security testing. + +functions: + zscan_default_scan: + description: Perform a default security scan against specified targets + parameters: + target: + type: string + description: The target IP address or CIDR range to scan + examples: + - 192.168.1.1 + - 10.0.0.0/24 + - 127.0.0.1 + + container: + build: + path: ${cwd}/zscan.Dockerfile + name: zscan_local + args: + - --net=host + volumes: + - ${cwd}:/data + + cmdline: + - /app/zscan + - -target + - ${target} + + zscan_full_scan: + description: Perform a comprehensive security scan + parameters: + target: + type: string + description: The target IP address or CIDR range to scan + threads: + type: integer + description: Number of concurrent scanning threads + default: 10 + + container: + build: + path: ${cwd}/zscan.Dockerfile + name: zscan_local + args: + - --net=host + volumes: + - ${cwd}:/data + + cmdline: + - /app/zscan + - -target + - ${target} + - -threads + - ${threads} From 13dcefba18f2af2040c82837c8f5470ed50bf02b Mon Sep 17 00:00:00 2001 From: Ads Dawson <104169244+GangGreenTemperTatum@users.noreply.github.com> Date: Mon, 25 Nov 2024 08:29:52 -0500 Subject: [PATCH 2/3] fix: try skip categories in workflow --- .github/workflows/validate_robopages.yml | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/.github/workflows/validate_robopages.yml b/.github/workflows/validate_robopages.yml index b379e82..7fae42f 100644 --- a/.github/workflows/validate_robopages.yml +++ b/.github/workflows/validate_robopages.yml @@ -44,15 +44,14 @@ jobs: docker pull dreadnode/robopages:latest - # Run validation with Docker socket mounted + # Run validation with Docker socket mounted and skip categories validation docker run --rm \ -v $(pwd):/workspace \ -v /var/run/docker.sock:/var/run/docker.sock \ -w /workspace \ --privileged \ - dreadnode/robopages:latest validate --path "$(printf '%q' "$file")" --skip-docker + dreadnode/robopages:latest validate --path "$(printf '%q' "$file")" --skip-docker --skip-categories } - # Get changed files using GitHub's provided variables changed_files=$(git diff --name-only ${{ github.event.pull_request.base.sha }} ${{ github.event.pull_request.head.sha }} | \ grep '\.yml$' | grep -v '^.github/' || true) @@ -91,4 +90,4 @@ jobs: pull_number: context.issue.number, body: body, event: 'COMMENT' - }); \ No newline at end of file + }); From e27d28b34d27d7c436da2396fa4ed9c3079b51bc Mon Sep 17 00:00:00 2001 From: Ads Dawson <104169244+GangGreenTemperTatum@users.noreply.github.com> Date: Mon, 25 Nov 2024 08:38:56 -0500 Subject: [PATCH 3/3] fix: remove invalid param and add categories for now --- .github/workflows/validate_robopages.yml | 2 +- cybersecurity/offensive/web-exploitation/zscan.yml | 5 +++++ 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/.github/workflows/validate_robopages.yml b/.github/workflows/validate_robopages.yml index 7fae42f..8f3b637 100644 --- a/.github/workflows/validate_robopages.yml +++ b/.github/workflows/validate_robopages.yml @@ -50,7 +50,7 @@ jobs: -v /var/run/docker.sock:/var/run/docker.sock \ -w /workspace \ --privileged \ - dreadnode/robopages:latest validate --path "$(printf '%q' "$file")" --skip-docker --skip-categories + dreadnode/robopages:latest validate --path "$(printf '%q' "$file")" --skip-docker } # Get changed files using GitHub's provided variables changed_files=$(git diff --name-only ${{ github.event.pull_request.base.sha }} ${{ github.event.pull_request.head.sha }} | \ diff --git a/cybersecurity/offensive/web-exploitation/zscan.yml b/cybersecurity/offensive/web-exploitation/zscan.yml index 435ff37..8f6100c 100644 --- a/cybersecurity/offensive/web-exploitation/zscan.yml +++ b/cybersecurity/offensive/web-exploitation/zscan.yml @@ -3,6 +3,11 @@ description: > and vulnerability assessment capabilities. It combines multiple security tools and techniques into a single interface for comprehensive security testing. +categories: + - cybersecurity + - offensive + - web-expliotation + functions: zscan_default_scan: description: Perform a default security scan against specified targets