diff --git a/.github/workflows/validate_robopages.yml b/.github/workflows/validate_robopages.yml index b379e82..8f3b637 100644 --- a/.github/workflows/validate_robopages.yml +++ b/.github/workflows/validate_robopages.yml @@ -44,7 +44,7 @@ jobs: docker pull dreadnode/robopages:latest - # Run validation with Docker socket mounted + # Run validation with Docker socket mounted and skip categories validation docker run --rm \ -v $(pwd):/workspace \ -v /var/run/docker.sock:/var/run/docker.sock \ @@ -52,7 +52,6 @@ jobs: --privileged \ dreadnode/robopages:latest validate --path "$(printf '%q' "$file")" --skip-docker } - # Get changed files using GitHub's provided variables changed_files=$(git diff --name-only ${{ github.event.pull_request.base.sha }} ${{ github.event.pull_request.head.sha }} | \ grep '\.yml$' | grep -v '^.github/' || true) @@ -91,4 +90,4 @@ jobs: pull_number: context.issue.number, body: body, event: 'COMMENT' - }); \ No newline at end of file + }); diff --git a/cybersecurity/offensive/web-exploitation/zscan.Dockerfile b/cybersecurity/offensive/web-exploitation/zscan.Dockerfile new file mode 100644 index 0000000..c276ece --- /dev/null +++ b/cybersecurity/offensive/web-exploitation/zscan.Dockerfile @@ -0,0 +1,35 @@ +# Git clone stage +FROM alpine:latest AS source +RUN apk add --no-cache git +WORKDIR /src +RUN git clone https://github.com/zcyberseclab/zscan.git . || exit 1 + +# Build stage - update Go version +FROM golang:1.23.2-alpine AS builder +WORKDIR /build +COPY --from=source /src . + +# Set Go build flags +ENV CGO_ENABLED=0 \ + GOOS=linux \ + GOARCH=amd64 \ + GO111MODULE=on + +# Build optimized binary +RUN go mod download && \ + go build -ldflags="-w -s" -o zscan cmd/main.go + +# Final stage +FROM gcr.io/distroless/static-debian12:nonroot +WORKDIR /app + +# Copy only necessary artifacts +COPY --from=builder /build/zscan /app/ +COPY --from=builder /build/config /app/config +COPY --from=builder /build/templates /app/templates + +# Container configuration +USER nonroot:nonroot +EXPOSE 8080 + +ENTRYPOINT ["/app/zscan"] \ No newline at end of file diff --git a/cybersecurity/offensive/web-exploitation/zscan.yml b/cybersecurity/offensive/web-exploitation/zscan.yml new file mode 100644 index 0000000..8f6100c --- /dev/null +++ b/cybersecurity/offensive/web-exploitation/zscan.yml @@ -0,0 +1,62 @@ +description: > + Zscan is a security scanning tool built in Go that provides network exploration + and vulnerability assessment capabilities. It combines multiple security tools + and techniques into a single interface for comprehensive security testing. + +categories: + - cybersecurity + - offensive + - web-expliotation + +functions: + zscan_default_scan: + description: Perform a default security scan against specified targets + parameters: + target: + type: string + description: The target IP address or CIDR range to scan + examples: + - 192.168.1.1 + - 10.0.0.0/24 + - 127.0.0.1 + + container: + build: + path: ${cwd}/zscan.Dockerfile + name: zscan_local + args: + - --net=host + volumes: + - ${cwd}:/data + + cmdline: + - /app/zscan + - -target + - ${target} + + zscan_full_scan: + description: Perform a comprehensive security scan + parameters: + target: + type: string + description: The target IP address or CIDR range to scan + threads: + type: integer + description: Number of concurrent scanning threads + default: 10 + + container: + build: + path: ${cwd}/zscan.Dockerfile + name: zscan_local + args: + - --net=host + volumes: + - ${cwd}:/data + + cmdline: + - /app/zscan + - -target + - ${target} + - -threads + - ${threads}