-
Notifications
You must be signed in to change notification settings - Fork 61
Home
Daniele Linguaglossa edited this page Jan 8, 2018
·
2 revisions
Here we will discuss the basics behind the the new goWAPT feature called Scanner mode
Before reading about API , let's clarify how the plugin structure works.
First of all each plugin must be registered so a global variable containing the plugin name must be created via Scanner.registerPlugin method. When a plugin is executed the test method of each plugin will be called passing a parameter containing the base request as an http.Request object.
When test method ends must return an array of passed test , each passed test will be reported as a vulnerability.
Below an example:
plugin = Scanner.registerPlugin("Useless-plugin", "Just an useless plugin", ScanType.RISK_NOT_INVASIVE);
function test(base_request){
var vulnerabilities = [];
// Just return an empty test list
return vulnerabilities;
}Now let's learn more about API here