SOOS DAST: vulnerability scanner against your web apps or APIs
SOOS is an independent software security company, located in Winooski, VT USA, building security software for your team. SOOS, Software security, simplified.
Use SOOS to scan your software for vulnerabilities and open-source license issues with SOOS Core SCA. Generate SBOMs. Govern your open-source dependencies. Run the SOOS DAST vulnerability scanner against your web apps or APIs.
Scan Modes
Baseline
It runs the ZAP spider against the specified target for (by default) 1 minute and then waits for the passive scanning to complete before reporting the results.
This means that the script doesn’t perform any actual ‘attacks’ and will run for a relatively short period of time (a few minutes at most).
By default, it reports all alerts as WARNings but you can specify a config file which can change any rules to FAIL or IGNORE.
This mode is intended to be ideal to run in a CI/CD environment, even against production sites.
Full Scan
It runs the ZAP spider against the specified target (by default with no time limit) followed by an optional ajax spider scan and then a full Active Scan before reporting the results.
This means that the script does perform actual ‘attacks’ and can potentially run for a long period of time. You should NOT use it on web applications that you do not own. Active Scan can only find certain types of vulnerabilities. Logical vulnerabilities, such as broken access control, will not be found by any active or automated vulnerability scanning. Manual penetration testing should always be performed in addition to active scanning to find all types of vulnerabilities.
By default, it reports all alerts as WARNings, but you can specify a config file which can change any rules to FAIL or IGNORE. The configuration works the same way as in Baseline mode.
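As an added example (not SOOS's or ZAP's own code), the following Python gate shows how the WARN/FAIL/IGNORE config described for both modes can be applied in CI: it parses a rules file in the tab-separated style used by the ZAP baseline scripts, buckets scanner alerts by action, and returns a non-zero exit status only for FAIL entries. The exact file layout, the rule ids and the alert list are constructed assumptions; only the three actions and the default-to-WARN behaviour come from the text above.

```python
# Constructed ZAP-style rules file: "<rule id><TAB><WARN|FAIL|IGNORE><TAB><description>".
# Whether SOOS DAST reads exactly this layout is an assumption; the three actions
# and the "everything defaults to WARN" behaviour are what the text above describes.
# Rule ids and names are constructed samples modelled on ZAP plugin ids.
SAMPLE_CONFIG = """\
# rule_id\taction\tdescription
10021\tIGNORE\t(X-Content-Type-Options Header Missing)
40012\tFAIL\t(Cross Site Scripting (Reflected))
10038\tWARN\t(Content Security Policy (CSP) Header Not Set)
"""

# Constructed alerts as a scan might report them: (rule id, alert name).
SAMPLE_ALERTS = [
    ("10021", "X-Content-Type-Options Header Missing"),
    ("40012", "Cross Site Scripting (Reflected)"),
    ("10038", "Content Security Policy (CSP) Header Not Set"),
    ("10202", "Absence of Anti-CSRF Tokens"),  # not listed -> default WARN
]

VALID_ACTIONS = {"WARN", "FAIL", "IGNORE"}


def parse_rules_config(text):
    """Return {rule id: action}; skip blank/'#' lines, reject unknown actions."""
    rules = {}
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split("\t", 2)
        if len(parts) < 2 or parts[1].strip() not in VALID_ACTIONS:
            raise ValueError(f"line {lineno}: expected '<id>\\t<WARN|FAIL|IGNORE>'")
        rules[parts[0].strip()] = parts[1].strip()
    return rules


def triage_alerts(alerts, rules):
    """Bucket alerts by action; rules absent from the config default to WARN."""
    buckets = {"FAIL": [], "WARN": [], "IGNORE": []}
    for rule_id, name in alerts:
        buckets[rules.get(rule_id, "WARN")].append(f"{rule_id} {name}")
    return buckets


def ci_exit_code(buckets):
    """Fail the pipeline only on FAIL-classed alerts; WARNs are reported, not blocking."""
    return 1 if buckets["FAIL"] else 0
```

Call `ci_exit_code(triage_alerts(alerts, parse_rules_config(text)))` from a CI step and pass its value to `sys.exit`; with the sample data above the reflected XSS rule is the only FAIL, so the step exits 1.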
API Scan
It is an API vulnerability scanner driven by an OpenAPI, SOAP, or GraphQL definition, supplied via either a local file or a URL.
It imports the definition that you specify and then runs an Active Scan against the URLs found. The Active Scan is tuned to APIs, so it doesn’t bother looking for things like XSS.
It also includes two scripts:
- Raise alerts for any HTTP Server Error response codes
- Raise alerts for any URLs that return content types that are not usually associated with APIs
Install & Use
Copyright (C) 2023 like-io