feat(scan): test ids as strings (#185)

Author: pmstss

src/SecTester.Core/Dispatchers/HttpCommandDispatcher.cs

@@ -6,9 +6,9 @@
 using System.Threading;
 using System.Threading.Tasks;
 using SecTester.Core.Bus;
-using SecTester.Core.Utils;
 using SecTester.Core.Commands;
 using SecTester.Core.Extensions;
+using SecTester.Core.Utils;
 
 namespace SecTester.Core.Dispatchers;
 

src/SecTester.Repeater/Extensions/ServiceCollectionExtensions.cs

@@ -4,7 +4,6 @@
 using System.Net.Http;
 using Microsoft.Extensions.DependencyInjection;
 using SecTester.Core.Extensions;
-using SecTester.Core.Utils;
 using SecTester.Repeater.Api;
 using SecTester.Repeater.Bus;
 using SecTester.Repeater.Runners;

src/SecTester.Runner/README.md

@@ -67,23 +67,23 @@ To start scanning your application, first you have to create a `SecScan` instanc
 
 ```csharp
 await using var scan = await runner.CreateScan(new ScanSettingsBuilder()
-    .WithTests(new List<TestType> { TestType.CrossSiteScripting }));
+    .WithTests(new List<string> { "xss" }));
 ```
 
 Below you will find a list of parameters that can be used to configure a `Scan`:
 
-| Option                 | Description                                                                                                                                                                                        |
-| ---------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
-| `Target`               | The target that will be attacked. For details, see [here](#defining-a-target-for-attack).                                                                                                          |
-| `Tests`                | The list of tests to be performed against the target application. [Learn more about tests](https://docs.brightsec.com/docs/vulnerability-guide)                                                    |
-| `RepeaterId`           | Connects the scan to a Repeater agent, which provides secure access to local networks.                                                                                                             |
-| `Smart`                | Minimize scan time by using automatic smart decisions regarding parameter skipping, detection phases, etc. Enabled by default.                                                                     |
-| `SkipStaticParams`     | Use an advanced algorithm to automatically determine if a parameter has any effect on the target system's behavior when changed, and skip testing such static parameters. Enabled by default.      |
-| `PoolSize`             | Sets the maximum concurrent requests for the scan, to control the load on your server. By default, `10`.                                                                                           |
-| `AttackParamLocations` | Defines which part of the request to attack. By default, `body`, `query`, and `fragment`.                                                                                                          |
-| `SlowEpTimeout`        | Automatically validate entry-point response time before initiating the vulnerability testing, and reduce scan time by skipping any entry-points that take too long to respond. By default, 1000ms. |
-| `TargetTimeout`        | Measure timeout responses from the target application globally, and stop the scan if the target is unresponsive for longer than the specified time. By default, 5min.                              |
-| `Name`                 | The scan name. The method and hostname by default, e.g. `GET example.com`.                                                                                                                         |
+| Option                 | Description                                                                                                                                                                                                                                                |
+| ---------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
+| `Target`               | The target that will be attacked. For details, see [here](#defining-a-target-for-attack).                                                                                                                                                                  |
+| `Tests`                | The list of tests to be performed against the target application. To retrieve the complete list, send a request to the [API](https://app.brightsec.com/api/v1/scans/tests). [Learn more about tests](https://docs.brightsec.com/docs/vulnerability-guide). |
+| `RepeaterId`           | Connects the scan to a Repeater agent, which provides secure access to local networks.                                                                                                                                                                     |
+| `Smart`                | Minimize scan time by using automatic smart decisions regarding parameter skipping, detection phases, etc. Enabled by default.                                                                                                                             |
+| `SkipStaticParams`     | Use an advanced algorithm to automatically determine if a parameter has any effect on the target system's behavior when changed, and skip testing such static parameters. Enabled by default.                                                              |
+| `PoolSize`             | Sets the maximum concurrent requests for the scan, to control the load on your server. By default, `10`.                                                                                                                                                   |
+| `AttackParamLocations` | Defines which part of the request to attack. By default, `body`, `query`, and `fragment`.                                                                                                                                                                  |
+| `SlowEpTimeout`        | Automatically validate entry-point response time before initiating the vulnerability testing, and reduce scan time by skipping any entry-points that take too long to respond. By default, 1000ms.                                                         |
+| `TargetTimeout`        | Measure timeout responses from the target application globally, and stop the scan if the target is unresponsive for longer than the specified time. By default, 5min.                                                                                      |
+| `Name`                 | The scan name. The method and hostname by default, e.g. `GET example.com`.                                                                                                                                                                                 |
 
 We provide a fluent interface for building a `ScanSettings` object. To use it, you start by creating a `ScanSettingsBuilder` instance, and then you call its methods to specify the various settings you want to use for the scan as shown above.
 
@@ -162,7 +162,7 @@ public class OrdersApiTests : IClassFixture<SecRunnerFixture>, IAsyncDisposable
     _test = _fixture
       .Runner
       .CreateScan(new ScanSettingsBuilder()
-        .WithTests(new List<TestType> { TestType.CrossSiteScripting }))
+        .WithTests(new List<string> { "xss" }))
       .Threshold(Severity.Medium)
       .Timeout(TimeSpan.FromMinutes(5));
   }

src/SecTester.Scan/Models/ScanConfig.cs

@@ -7,7 +7,7 @@ public record ScanConfig(string Name)
 {
   public string Name { get; } = Name ?? throw new ArgumentNullException(nameof(Name));
   public Module? Module { get; init; }
-  public IEnumerable<TestType>? Tests { get; init; }
+  public IEnumerable<string>? Tests { get; init; }
   public IEnumerable<Discovery>? DiscoveryTypes { get; init; }
   public int? PoolSize { get; init; }
   public IEnumerable<AttackParamLocation>? AttackParamLocations { get; init; }

src/SecTester.Scan/Models/TestType.cs

@@ -33,23 +33,23 @@ The factory exposes the `CreateScan` method that returns a new [Scan instance](#
 ```csharp
 await using var result = scanFactory.CreateScan(new ScanSettings(
   target,
-  new List<TestType>() { TestType.CrossSiteScripting }));
+  new List<string>() { "xss" }));
 ```
 
 Below you will find a list of parameters that can be used to configure a `Scan`:
 
-| Option                 | Description                                                                                                                                                                                        |
-| ---------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
-| `Target`               | The target that will be attacked. For details, see [here](#defining-a-target-for-attack).                                                                                                          |
-| `Tests`                | The list of tests to be performed against the target application. [Learn more about tests](https://docs.brightsec.com/docs/vulnerability-guide)                                                    |
-| `RepeaterId`           | Connects the scan to a Repeater agent, which provides secure access to local networks.                                                                                                             |
-| `Smart`                | Minimize scan time by using automatic smart decisions regarding parameter skipping, detection phases, etc. Enabled by default.                                                                     |
-| `SkipStaticParams`     | Use an advanced algorithm to automatically determine if a parameter has any effect on the target system's behavior when changed, and skip testing such static parameters. Enabled by default.      |
-| `PoolSize`             | Sets the maximum concurrent requests for the scan, to control the load on your server. By default, `10`.                                                                                           |
-| `AttackParamLocations` | Defines which part of the request to attack. By default, `body`, `query`, and `fragment`.                                                                                                          |
-| `SlowEpTimeout`        | Automatically validate entry-point response time before initiating the vulnerability testing, and reduce scan time by skipping any entry-points that take too long to respond. By default, 1000ms. |
-| `TargetTimeout`        | Measure timeout responses from the target application globally, and stop the scan if the target is unresponsive for longer than the specified time. By default, 5min.                              |
-| `Name`                 | The scan name. The method and hostname by default, e.g. `GET example.com`.                                                                                                                         |
+| Option                 | Description                                                                                                                                                                                                                                                |
+| ---------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
+| `Target`               | The target that will be attacked. For details, see [here](#defining-a-target-for-attack).                                                                                                                                                                  |
+| `Tests`                | The list of tests to be performed against the target application. To retrieve the complete list, send a request to the [API](https://app.brightsec.com/api/v1/scans/tests). [Learn more about tests](https://docs.brightsec.com/docs/vulnerability-guide). |
+| `RepeaterId`           | Connects the scan to a Repeater agent, which provides secure access to local networks.                                                                                                                                                                     |
+| `Smart`                | Minimize scan time by using automatic smart decisions regarding parameter skipping, detection phases, etc. Enabled by default.                                                                                                                             |
+| `SkipStaticParams`     | Use an advanced algorithm to automatically determine if a parameter has any effect on the target system's behavior when changed, and skip testing such static parameters. Enabled by default.                                                              |
+| `PoolSize`             | Sets the maximum concurrent requests for the scan, to control the load on your server. By default, `10`.                                                                                                                                                   |
+| `AttackParamLocations` | Defines which part of the request to attack. By default, `body`, `query`, and `fragment`.                                                                                                                                                                  |
+| `SlowEpTimeout`        | Automatically validate entry-point response time before initiating the vulnerability testing, and reduce scan time by skipping any entry-points that take too long to respond. By default, 1000ms.                                                         |
+| `TargetTimeout`        | Measure timeout responses from the target application globally, and stop the scan if the target is unresponsive for longer than the specified time. By default, 5min.                                                                                      |
+| `Name`                 | The scan name. The method and hostname by default, e.g. `GET example.com`.                                                                                                                                                                                 |
 
 We provide a fluent interface for building a `ScanSettings` object. To use it, you start by creating a `ScanSettingsBuilder` instance, and then you call its methods to specify the various settings you want to use for the scan.
 

src/SecTester.Scan/README.md

@@ -20,10 +20,10 @@ public sealed record ScanSettings
   private readonly int? _poolSize;
   private readonly TimeSpan? _slowEpTimeout;
   private readonly TimeSpan? _targetTimeout;
-  private readonly IEnumerable<TestType> _tests;
+  private readonly IEnumerable<string> _tests;
   private readonly Target _target;
 
-  public ScanSettings(string name, Target target, IEnumerable<TestType> tests)
+  public ScanSettings(string name, Target target, IEnumerable<string> tests)
   {
     Name = name;
     Target = target;
@@ -132,7 +132,7 @@ public TimeSpan? TargetTimeout
   /// <summary>
   ///   The list of tests to be performed against the target application
   /// </summary>
-  public IEnumerable<TestType> Tests
+  public IEnumerable<string> Tests
   {
     get => _tests;
     init
@@ -142,11 +142,6 @@ public IEnumerable<TestType> Tests
         throw new ArgumentNullException(nameof(Tests));
       }
 
-      if (value.Any(x => !Enum.IsDefined(typeof(TestType), x)))
-      {
-        throw new ArgumentException("Unknown test type supplied.");
-      }
-
       var unique = value.Distinct().ToArray();
 
       if (!unique.Any())

src/SecTester.Scan/ScanSettings.cs

@@ -19,7 +19,7 @@ public class ScanSettingsBuilder
   private bool _smart = true;
   private Target? _target;
   private TimeSpan _targetTimeout = TimeSpan.FromMinutes(5);
-  private IEnumerable<TestType> _tests = new List<TestType>();
+  private IEnumerable<string> _tests = new List<string>();
 
   /// <summary>
   ///   Sets a target for the scan.
@@ -103,7 +103,7 @@ public ScanSettingsBuilder WithTargetTimeout(TimeSpan value)
   /// <summary>
   ///   Sets a list of tests to run for the scan.
   /// </summary>
-  public ScanSettingsBuilder WithTests(IEnumerable<TestType> value)
+  public ScanSettingsBuilder WithTests(IEnumerable<string> value)
   {
     _tests = value;
     return this;

src/SecTester.Scan/ScanSettingsBuilder.cs

@@ -1,5 +1,4 @@
 using System.Net;
-using System.Text;
 
 namespace SecTester.Core.Tests.Extensions;
 

test/SecTester.Core.Tests/Extensions/HttpResponseMessageExtensionsTests.cs

@@ -21,8 +21,7 @@
 global using SecTester.Core.Dispatchers;
 global using SecTester.Core.Exceptions;
 global using SecTester.Core.Extensions;
-global using SecTester.Core.RetryStrategies;
-global using SecTester.Core.Exceptions;
 global using SecTester.Core.Logger;
+global using SecTester.Core.RetryStrategies;
 global using SecTester.Core.Utils;
 global using Xunit;