Merge pull request #21 from dreadnode/ads/eng-258-feature-dockerize-z…

…scan-and-robopages-example

feat: zscan example

.github/workflows/validate_robopages.yml

@@ -44,15 +44,14 @@ jobs:
 
             docker pull dreadnode/robopages:latest
 
-            # Run validation with Docker socket mounted
+            # Run validation with Docker socket mounted and skip categories validation
             docker run --rm \
               -v $(pwd):/workspace \
               -v /var/run/docker.sock:/var/run/docker.sock \
               -w /workspace \
               --privileged \
               dreadnode/robopages:latest validate --path "$(printf '%q' "$file")" --skip-docker
           }
-
           # Get changed files using GitHub's provided variables
           changed_files=$(git diff --name-only ${{ github.event.pull_request.base.sha }} ${{ github.event.pull_request.head.sha }} | \
             grep '\.yml$' | grep -v '^.github/' || true)
@@ -91,4 +90,4 @@ jobs:
               pull_number: context.issue.number,
               body: body,
               event: 'COMMENT'
-            });
+            });

cybersecurity/offensive/web-exploitation/zscan.Dockerfile

@@ -0,0 +1,35 @@
+# Git clone stage
+FROM alpine:latest AS source
+RUN apk add --no-cache git
+WORKDIR /src
+RUN git clone https://github.com/zcyberseclab/zscan.git . || exit 1
+
+# Build stage - update Go version
+FROM golang:1.23.2-alpine AS builder
+WORKDIR /build
+COPY --from=source /src .
+
+# Set Go build flags
+ENV CGO_ENABLED=0 \
+    GOOS=linux \
+    GOARCH=amd64 \
+    GO111MODULE=on
+
+# Build optimized binary
+RUN go mod download && \
+    go build -ldflags="-w -s" -o zscan cmd/main.go
+
+# Final stage
+FROM gcr.io/distroless/static-debian12:nonroot
+WORKDIR /app
+
+# Copy only necessary artifacts
+COPY --from=builder /build/zscan /app/
+COPY --from=builder /build/config /app/config
+COPY --from=builder /build/templates /app/templates
+
+# Container configuration
+USER nonroot:nonroot
+EXPOSE 8080
+
+ENTRYPOINT ["/app/zscan"]

cybersecurity/offensive/web-exploitation/zscan.yml

@@ -0,0 +1,62 @@
+description: >
+  Zscan is a security scanning tool built in Go that provides network exploration
+  and vulnerability assessment capabilities. It combines multiple security tools
+  and techniques into a single interface for comprehensive security testing.
+
+categories:
+  - cybersecurity
+  - offensive
+  - web-expliotation
+
+functions:
+  zscan_default_scan:
+    description: Perform a default security scan against specified targets
+    parameters:
+      target:
+        type: string
+        description: The target IP address or CIDR range to scan
+        examples:
+          - 192.168.1.1
+          - 10.0.0.0/24
+          - 127.0.0.1
+
+    container:
+      build:
+        path: ${cwd}/zscan.Dockerfile
+        name: zscan_local
+      args:
+        - --net=host
+      volumes:
+        - ${cwd}:/data
+
+    cmdline:
+      - /app/zscan
+      - -target
+      - ${target}
+
+  zscan_full_scan:
+    description: Perform a comprehensive security scan
+    parameters:
+      target:
+        type: string
+        description: The target IP address or CIDR range to scan
+      threads:
+        type: integer
+        description: Number of concurrent scanning threads
+        default: 10
+
+    container:
+      build:
+        path: ${cwd}/zscan.Dockerfile
+        name: zscan_local
+      args:
+        - --net=host
+      volumes:
+        - ${cwd}:/data
+
+    cmdline:
+      - /app/zscan
+      - -target
+      - ${target}
+      - -threads
+      - ${threads}