Skip to content

Commit

Permalink
updated README for Nessus
Browse files Browse the repository at this point in the history
  • Loading branch information
jeremychoi committed Dec 8, 2024
1 parent 386fab1 commit d61e660
Showing 1 changed file with 25 additions and 3 deletions.
28 changes: 25 additions & 3 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -6,13 +6,15 @@ RapiDAST (Rapid DAST) is an open-source security testing tool that automates DAS

RapiDAST provides:

- Simplified HTTP/API security scanning using [ZAP]
- Automated HTTP/API security scanning using ZAP
- Kubernetes opearator scanning using OOBTKUBE
- Automated vulnerability scanning using Nessus (requires a Nessus license and instance)
- Command-line execution with yaml configuration, suitable for integration in CI/CD pipelines
- Ability to run automated DAST scanning with pre-built or custom container images
- HTML, JSON and XML report generation
- Integration with reporting solutions such as [OWASP DefectDojo](https://owasp.org/www-project-defectdojo/)
- Integration with Google Cloud Storage and [OWASP DefectDojo](https://owasp.org/www-project-defectdojo/)

RapiDAST is used for testing applications, and should not be used on production systems.
RapiDAST is to be used for testing purpose, and should not be used on production systems.

## Quickstart

Expand Down Expand Up @@ -488,6 +490,26 @@ scanners:
- formhandler.fields.field(0).value=default
```

#### Nessus

Nessus is a vulnerability scanner developed by Tenable, Inc. It helps organizations identify and address security vulnerabilities across various systems, devices, and applications.

The following is an example to launch a scan:
```yaml
scanners:
nessus:
server:
url: https://nessus-example.com/ # URL of Nessus instance
username: foo # OR username_from_var: NESSUS_USER
password: bar # OR password_from_var: NESSUS_PASSWORD
scan:
name: test-scan # name of new scan to create
folder: test-folder # name of folder in to contain scan
policy: "py-test" # policy used for scan
# timeout: 600 # timeout in seconds to complete scan
targets:
- 127.0.0.1
```

#### Generic scanner

Expand Down

0 comments on commit d61e660

Please sign in to comment.