Updated readme for integrated scanner

Author: rfelber

integrations/nmap/readme.md

@@ -59,3 +59,6 @@ Some useful example parameters listed below:
 2. Update the parser function here: `./parser/parser.js`
 3. Update the parser tests here: `./parser/parser.test.js`
 4. Run the testsuite: `npm test`
+
+#### Basic scanner tests
+If you want to test sslyze localy you can use brew (only on macOS) to install it: `brew install nmap`

integrations/sslyze/README.md

@@ -21,14 +21,117 @@ helm upgrade --install sslyze ./integrations/sslyze/
 
 A set of examples can be found in the [examples](./examples) folder.
 * Example *secureCodeBox.io* [scan](./examples/secureCodeBox.io/scan.yaml) and [findings](./examples/secureCodeBox.io/findings.yaml)
-* Example *example.com* [scan](./examples/secureCodeBox.io/scan.yaml) and [findings](./examples/secureCodeBox.io/findings.yaml)
+* Example *example.com* [scan](./examples/example.com/scan.yaml) and [findings](./examples/example.com/findings.yaml)
 
 ## Configuration
 
 The follwing security scan configuration example are based on the [SSLyze Documentation], please take a look at the original documentation for more configuration examples.
 
 The command line interface can be used to easily run server scans: `sslyze --regular www.example.com`
 
+```bash
+Usage: sslyze [options] target1.com target2.com:443 target3.com:443{ip} etc...
+
+Options:
+  --version             show program's version number and exit
+  -h, --help            show this help message and exit
+  --regular             Regular HTTPS scan; shortcut for --sslv2 --sslv3
+                        --tlsv1 --tlsv1_1 --tlsv1_2 --tlsv1_3 --reneg --resum
+                        --certinfo --hide_rejected_ciphers --compression
+                        --heartbleed --openssl_ccs --fallback --robot
+
+  Trust stores options:
+    --update_trust_stores
+                        Update the default trust stores used by SSLyze. The
+                        latest stores will be downloaded from https://github.c
+                        om/nabla-c0d3/trust_stores_observatory. This option is
+                        meant to be used separately, and will silence any
+                        other command line option supplied to SSLyze.
+
+  Client certificate options:
+    --cert=CERT         Client certificate chain filename. The certificates
+                        must be in PEM format and must be sorted starting with
+                        the subject's client certificate, followed by
+                        intermediate CA certificates if applicable.
+    --key=KEY           Client private key filename.
+    --keyform=KEYFORM   Client private key format. DER or PEM (default).
+    --pass=KEYPASS      Client private key passphrase.
+
+  Input and output options:
+    --json_out=JSON_FILE
+                        Write the scan results as a JSON document to the file
+                        JSON_FILE. If JSON_FILE is set to "-", the JSON output
+                        will instead be printed to stdout. The resulting JSON
+                        file is a serialized version of the ScanResult objects
+                        described in SSLyze's Python API: the nodes and
+                        attributes will be the same. See https://nabla-c0d3.gi
+                        thub.io/sslyze/documentation/available-scan-
+                        commands.html for more details.
+    --targets_in=TARGETS_IN
+                        Read the list of targets to scan from the file
+                        TARGETS_IN. It should contain one host:port per line.
+    --quiet             Do not output anything to stdout; useful when using
+                        --json_out.
+
+  Connectivity options:
+    --slow_connection   Greatly reduce the number of concurrent connections
+                        initiated by SSLyze. This will make the scans slower
+                        but more reliable if the connection between your host
+                        and the server is slow, or if the server cannot handle
+                        many concurrent connections. Enable this option if you
+                        are getting a lot of timeouts or errors.
+    --https_tunnel=HTTPS_TUNNEL
+                        Tunnel all traffic to the target server(s) through an
+                        HTTP CONNECT proxy. HTTP_TUNNEL should be the proxy's
+                        URL: 'http://USER:PW@HOST:PORT/'. For proxies
+                        requiring authentication, only Basic Authentication is
+                        supported.
+    --starttls=STARTTLS
+                        Perform a StartTLS handshake when connecting to the
+                        target server(s). StartTLS should be one of: auto,
+                        smtp, xmpp, xmpp_server, pop3, imap, ftp, ldap, rdp,
+                        postgres. The 'auto' option will cause SSLyze to
+                        deduce the protocol (ftp, imap, etc.) from the
+                        supplied port number, for each target servers.
+    --xmpp_to=XMPP_TO   Optional setting for STARTTLS XMPP. XMPP_TO should be
+                        the hostname to be put in the 'to' attribute of the
+                        XMPP stream. Default is the server's hostname.
+    --sni=SNI           Use Server Name Indication to specify the hostname to
+                        connect to.  Will only affect TLS 1.0+ connections.
+
+  Scan commands:
+    --tlsv1_1           Test a server for TLS 1.1 support.
+    --tlsv1_2           Test a server for TLS 1.2 support.
+    --robot             Test a server for the ROBOT vulnerability.
+    --reneg             Test a server for for insecure TLS renegotiation and
+                        client-initiated renegotiation.
+    --early_data        Test a server for TLS 1.3 early data support.
+    --fallback          Test a server for the TLS_FALLBACK_SCSV mechanism to
+                        prevent downgrade attacks.
+    --tlsv1_3           Test a server for TLS 1.3 support.
+    --certinfo          Retrieve and analyze a server's certificate(s) to
+                        verify its validity.
+    --certinfo_ca_file=CERTINFO_CA_FILE
+                        Path to a file containing root certificates in PEM
+                        format that will be used to verify the validity of the
+                        server's certificate.
+    --heartbleed        Test a server for the OpenSSL Heartbleed
+                        vulnerability.
+    --resum_rate        Measure a server's session resumption rate when
+                        attempting 100 resumptions using session IDs.
+    --resum             Test a server for session resumption support using
+                        session IDs and TLS tickets.
+    --http_headers      Test a server for the presence of security-related
+                        HTTP headers.
+    --sslv2             Test a server for SSL 2.0 support.
+    --tlsv1             Test a server for TLS 1.0 support.
+    --sslv3             Test a server for SSL 3.0 support.
+    --compression       Test a server for TLS compression support, which can
+                        be leveraged to perform a CRIME attack.
+    --openssl_ccs       Test a server for the OpenSSL CCS Injection
+                        vulnerability (CVE-2014-0224).
+```
+
 ## Development
 
 ### Local setup
@@ -43,5 +146,8 @@ The command line interface can be used to easily run server scans: `sslyze --reg
 3. Update the parser tests here: `./parser/parser.test.js`
 4. Run the testsuite: `npm test`
 
+#### Basic scanner tests
+If you want to test sslyze localy you can use brew (only on macOS) to install it: `brew install sslyze`
+
 [SSLyze GitHub]: https://github.com/nabla-c0d3/sslyze
 [SSLyze Documentation]: https://nabla-c0d3.github.io/sslyze/documentation/

integrations/zap/README.md

@@ -0,0 +1,80 @@
+---
+title: "ZAP"
+path: "scanner/Zap"
+category: "scanner"
+usecase: "Webapplication Vulnerability Scanner"
+---
+
+![zap logo](https://raw.githubusercontent.com/wiki/zaproxy/zaproxy/images/zap32x32.png)
+
+The OWASP Zed Attack Proxy (ZAP) is one of the world’s most popular free security tools and is actively maintained by hundreds of international volunteers*. It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. Its also a great tool for experienced pentesters to use for manual security testing.
+
+To learn more about the ZAP scanner itself visit [OWASP_Zap_Project] or [zaproxy.org].
+
+<!-- end -->
+
+## Deployment
+
+The ZAP scanType can be deployed via helm.
+
+```bash
+helm upgrade --install zap ./integrations/zap/
+```
+
+## Examples
+
+A set of examples can be found in the [examples](./examples) folder.
+* Example *secureCodeBox.io* [scan](./examples/secureCodeBox.io/scan.yaml) and [findings](./examples/secureCodeBox.io/findings.yaml)
+* Example *example.com* [scan](./examples/example.com/scan.yaml) and [findings](./examples/example.com/findings.yaml)
+
+## Configuration
+
+The follwing security scan configuration example are based on the [ZAP Documentation], please take a look at the original documentation for more configuration examples.
+
+The command line interface can be used to easily run server scans: `-t www.example.com`
+
+```bash
+Usage: zap-baseline.py -t <target> [options]
+    -t target         target URL including the protocol, eg https://www.example.com
+Options:
+    -h                print this help message
+    -c config_file    config file to use to INFO, IGNORE or FAIL warnings
+    -u config_url     URL of config file to use to INFO, IGNORE or FAIL warnings
+    -g gen_file       generate default config file (all rules set to WARN)
+    -m mins           the number of minutes to spider for (default 1)
+    -r report_html    file to write the full ZAP HTML report
+    -w report_md      file to write the full ZAP Wiki (Markdown) report
+    -x report_xml     file to write the full ZAP XML report
+    -J report_json    file to write the full ZAP JSON document
+    -a                include the alpha passive scan rules as well
+    -d                show debug messages
+    -P                specify listen port
+    -D                delay in seconds to wait for passive scanning 
+    -i                default rules not in the config file to INFO
+    -I                do not return failure on warning
+    -j                use the Ajax spider in addition to the traditional one
+    -l level          minimum level to show: PASS, IGNORE, INFO, WARN or FAIL, use with -s to hide example URLs
+    -n context_file   context file which will be loaded prior to spidering the target
+    -p progress_file  progress file which specifies issues that are being addressed
+    -s                short output format - dont show PASSes or example URLs
+    -T                max time in minutes to wait for ZAP to start and the passive scan to run
+    -z zap_options    ZAP command line options e.g. -z "-config aaa=bbb -config ccc=ddd"
+    --hook            path to python file that define your custom hooks
+```
+
+## Development
+
+### Local setup
+1. Clone the repository `git clone git@github.com:secureCodeBox/secureCodeBox-v2-alpha.git`
+2. Ensure you have node.js installed
+   * On MacOs with brew package manager: `brew install node`
+
+### Parser Development
+
+1. Install the dependencies `npm install`
+2. Update the parser function here: `./parser/parser.js`
+3. Update the parser tests here: `./parser/parser.test.js`
+4. Run the testsuite: `npm test`
+
+[SSLyze GitHub]: https://github.com/nabla-c0d3/sslyze
+[SSLyze Documentation]: https://nabla-c0d3.github.io/sslyze/documentation/