We have taken regular scanners and setup so they run in docker for kubernets. They take enviromant values to start and outpur the result in json for you logsystem to use
The output from the scanners need to be collected and use. For this we use Elasticsearch and Kibana. To process logs fluentd is used. Here is a demo logstack
Our kubernetes operator setup cronjob scans on all service and ingress objects
GitRepo : https://bitbucket.org/sammaio/nmap/src/master/
Docker : https://bitbucket.org/sammaio/nmap/src/master/
AWS ip are found by our aws client and cronjob are setup to all AWS ip
GitRepo : https://bitbucket.org/sammaio/nmap/src/master/
Docker : https://bitbucket.org/sammaio/nmap/src/master/
You can trigger any scan with a oneliner docker command
Nmap scanner scans the endpoint and detects open ports, TLS settings and fingerprint the webserver
Out scanner has tre diffrent scanners. One with cheks open ports and logs all openports. One that check what TLS settings and ciffers that are used. And the last scanner tryies to detect the webserver version
GitRepo : https://bitbucket.org/sammaio/nmap/src/master/
Docker : https://bitbucket.org/sammaio/nmap/src/master/
Status : Working
CloseArachini web security framwork
Scan the applications for commin security findings
GitRepo : https://bitbucket.org/sammaio/arachni/src/master/
Docker : https://bitbucket.org/sammaio/nmap/src/master/
Webbpage : https://www.arachni-scanner.com
Status : Working
CloseNikto
web server scanner which performs comprehensive tests against web servers for multiple items, including over 6700 potentially dangerous files/programs, checks for outdated versions of over 1250 servers, and version specific problems on over 270 servers. It also checks for server configuration items such as the presence of multiple index files, HTTP server options, and will attempt to identify installed web servers and software
GitRepo : https://bitbucket.org/sammaio/arachni/src/master/
Docker : https://bitbucket.org/sammaio/nmap/src/master/
Webbpage : https://cirt.net/Nikto2
Status : Working
CloseArtillery Load Testing
Artillery is a lead test tool. We have it as a scanner and run it get a basic load test baseline
GitRepo : https://bitbucket.org/sammaio/arachni/src/master/
Docker : https://bitbucket.org/sammaio/nmap/src/master/
Webbpage : https://artillery.io/
Status : Working
CloseOpenVAS
OpenVAS is a full-featured vulnerability scannere
GitRepo : https://bitbucket.org/sammaio/arachni/src/master/
Docker : https://bitbucket.org/sammaio/nmap/src/master/
Webbpage : http://openvas.org/
Status : Not Working
CloseWapiti
It performs "black-box" scans (it does not study the source code) of the web application by crawling the webpages of the deployed webapp, looking for scripts and forms where it can inject data. Once it gets the list of URLs, forms and their inputs, Wapiti acts like a fuzzer, injecting payloads to see if a script is vulnerable.
GitRepo : https://bitbucket.org/sammaio/arachni/src/master/
Docker : https://bitbucket.org/sammaio/nmap/src/master/
Webbpage : http://wapiti.sourceforge.net/
Status : Working
Close