{"id":22014764,"url":"https://github.com/neuralegion/run-scan","last_synced_at":"2025-06-10T20:34:39.127Z","repository":{"id":38196999,"uuid":"258265124","full_name":"NeuraLegion/run-scan","owner":"NeuraLegion","description":"Action runs a new security scan in NeuraLegion, or reruns an existing one","archived":false,"fork":false,"pushed_at":"2025-05-13T08:19:52.000Z","size":355,"stargazers_count":2,"open_issues_count":3,"forks_count":3,"subscribers_count":12,"default_branch":"master","last_synced_at":"2025-05-25T17:04:44.259Z","etag":null,"topics":["github-actions","scan","security"],"latest_commit_sha":null,"homepage":"","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/NeuraLegion.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2020-04-23T16:30:33.000Z","updated_at":"2025-04-29T14:47:21.000Z","dependencies_parsed_at":"2024-02-09T16:31:40.851Z","dependency_job_id":"76104a38-d157-4624-9e05-d6483a4a8ae4","html_url":"https://github.com/NeuraLegion/run-scan","commit_stats":{"total_commits":37,"total_committers":7,"mean_commits":5.285714285714286,"dds":0.5135135135135135,"last_synced_commit":"0069b47c4e4b6a2b0ac014a9db0e926fda21d3b1"},"previous_names":[],"tags_count":5,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/NeuraLegion%2Frun-scan","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/NeuraLegion%2Frun-scan/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/NeuraLegion%2Frun-scan/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/NeuraLegion%2Frun-scan/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/NeuraLegion","download_url":"https://codeload.github.com/NeuraLegion/run-scan/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/NeuraLegion%2Frun-scan/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":259146368,"owners_count":22812216,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["github-actions","scan","security"],"created_at":"2024-11-30T04:17:43.667Z","updated_at":"2025-06-10T20:34:39.104Z","avatar_url":"https://github.com/NeuraLegion.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Run a Bright Scan\n\nThis action runs a new security scan in Bright, or reruns an existing one.\n\n### Build Secure Apps \u0026 APIs. Fast.\n\n[Bright](https://www.brightsec.com) is a powerful dynamic application \u0026 API security testing (DAST) platform that security teams trust and developers love.\n\n### Automatically Tests Every Aspect of Your Apps \u0026 APIs\n\nScans any target, whether Web Apps, APIs (REST. \u0026 SOAP, GraphQL \u0026 more), Web sockets or mobile, providing actionable reports\n\n### Seamlessly integrates with the Tools and Workflows You Already Use\n\nBright works with your existing CI/CD pipelines – trigger scans on every commit, pull request or build with unit testing.\n\n### Spin-Up, Configure and Control Scans with Code\n\nOne file. One command. One scan. No UI needed.\n\n### Super-Fast Scans\n\nInteracts with applications and APIs, instead of just crawling them and guessing.\nScans are fast as our AI-powered engine can understand application architecture and generate sophisticated and targeted attacks.\n\n### No False Positives\n\nStop chasing ghosts and wasting time. Bright doesn’t return false positives, so you can focus on releasing code.\n\n### Comprehensive Security Testing\n\nBright tests for all common vulnerabilities, such as SQL injection, CSRF, XSS, and XXE -- as well as uncommon vulnerabilities, such as business logic vulnerabilities.\n\nMore information is available on Bright’s:\n\n- [Website](https://www.brightsec.com/)\n- [Knowledge base](https://docs.brightsec.com/docs/quickstart)\n- [YouTube channel](https://www.youtube.com/channel/UCoIC0T1pmozq3eKLsUR2uUw)\n- [GitHub Actions](https://github.com/marketplace?query=neuralegion+)\n\n# Inputs\n\n### `name`\n\n**Required**. Scan name.\n\n_Example:_ `name: GitHub scan ${{ github.sha }}`\n\n### `api_token`\n\n**Required**. Your Bright API authorization token (key). You can generate it in the **Organization** section in [the Bright app](https://app.brightsec.com/login). Find more information [here](https://docs.brightsec.com/docs/manage-your-organization#manage-organization-apicli-authentication-tokens).\n\n_Example:_ `api_token: ${{ secrets.BRIGHT_TOKEN }}`\n\n### `project_id`\n\nProvide project-id if you want to run a scan for a specific project. If you don't provide project-id, scan will run under Default project.\n\n_Example:_ `project_id: gBAh2n9BD9ps7FVQXbLWXv`\n\n### `restart_scan`\n\n**Required** when restarting an existing scan by its ID. You can get the scan ID in the Scans section in [the Bright app](https://app.brightsec.com/login).\n\nPlease make sure to only use the necessary parameters. Otherwise, you will get a response with the parameter usage requirements.\n\n_Example:_ `restart_scan: ai3LG8DmVn9Rn1YeqCNRGQ)`\n\n### `discovery_types`\n\n**Required**. Array of discovery types. The following types are available:\n\n- `archive` - uses an uploaded HAR-file for a scan\n- `crawler` - uses a crawler to define the attack surface for a scan\n- `oas` - uses an uploaded OpenAPI schema for a scan\n- `graphql` - uses an uploaded OpenAPI schema, or an introspection endpoint \u003cbr\u003e\n  If no discovery type is specified, `crawler` is applied by default.\n\n_Example:_\n\n```yaml\ndiscovery_types: |\n  [ \"crawler\", \"archive\" ]\n```\n\n### `tests`\n\nA list of tests to run during a scan.\n\n_Example:_\n\n```yaml\ntests: |\n  [ \"common_files\", \"id_enumeration\" ]\n```\n\nPlease see the attached [vulnerability guide](https://docs.brightsec.com/docs/vulnerability-guide) for a full and updated list of available tests.\n\n### `file_id`\n\n**Required** if the discovery type is set to `archive` or `oas` or `graphql`. ID of a HAR-file or an OpenAPI schema you want to use for a scan. You can get the ID of an uploaded HAR-file or an OpenAPI schema in the **Storage** section on [app.brightsec.com](https://app.brightsec.com/login).\n\n_Example:_\n\n```\nFILE_ID=$(nexploit-cli archive:upload   \\\n--token ${{ secrets.BRIGHT_TOKEN }}   \\\n--discard true                          \\\n./example.har)\n```\n\n### `auth_object_id`\n\nID of auth-object to be used by the scan.\n\n_Example:_ `auth_object_id: 7NSbwLjh7Fhd8mPy1DM7Bk`\n\n### `repeaters`\n\nList of repeater ids to be used by the scan.\n\n_Example:_\n\n```yaml\nrepeaters: |\n  ['m5Y42fYm2CRCVdZh83w5af']\n```\n\n### `crawler_urls`\n\n**Required** if the discovery type is set to `crawler`. Target URLs to be used by the crawler to define the attack surface.\n\n_Example:_\n\n```yaml\ncrawler_urls: |\n  [ \"http://vulnerable-bank.com\" ]\n```\n\n### `hosts_filter`\n\n**Required** when the the discovery type is set to `archive`. Allows selecting specific hosts for a scan.\n\n### `exclude_params`\n\nA list of regex patterns for parameter names you would like to ignore during the tests.\n\n_Example:_\n\n```yaml\nexclude_params: |\n  [ \"userId\", \"orgId\" ]\n```\n\n### `entrypoints`\n\nA list of entry point ids to be included in the scan.\n\n_Example:_\n\n```yaml\nentrypoints: |\n  [ \"550e8400-e29b-41d4-a716-446655440000\", \"7c9e6679-7425-40de-944b-e07fc1f90ae7\" ]\n```\n\n### `exclude_entry_points`\n\nA list of JSON strings that contain patterns for entry points you would like to ignore during the tests.\n\n_Example:_\n\n```yaml\nexclude_entry_points: |\n  [ { \"methods\": [ \"POST\" ], \"patterns\": [ \"users\\/.+\\/?$\" ] } ]\n```\n\nTo remove default exclusions pass an empty array as follows:\n\n_Example:_\n\n```yaml\nexclude_entry_points: |\n  []\n```\n\nTo apply patterns for all HTTP methods, you can set an empty array to `methods`:\n\n```yaml\nexclude_entry_points: |\n  [ { \"methods\": [], \"patterns\": [ \"users\\/.+\\/?$\" ] } ]\n```\n\n## Outputs\n\n### `url`\n\nUrl of the resulting scan\n\n### `id`\n\nID of the created scan. This ID could then be used to restart the scan, or for the following GitHub actions:\n\n- [Bright Wait for Issues](https://github.com/marketplace/actions/nexploit-wait-for-issues)\n- [Bright Stop Scan](https://github.com/marketplace/actions/nexploit-stop-scan)\n\n## Example usage\n\n### Start a new scan with parameters\n\n```yaml\nsteps:\n  - name: Bright Security Scan\n    id: start\n    uses: NeuraLegion/bright-github-actions/run-scan@release\n    with:\n      api_token: ${{ secrets.BRIGHT_TOKEN }}\n      name: GitHub scan ${{ github.sha }}\n      discovery_types: |\n        [ \"crawler\", \"archive\" ]\n      crawler_urls: |\n        [ \"http://vulnerable-bank.com\" ]\n      file_id: LiYknMYSdbSZbqgMaC9Sj\n  - name: Get the output scan url\n    run: echo \"The scan was started on ${{ steps.start.outputs.url }}\"\n```\n\n#### Restart an existing scan\n\n```yaml\nsteps:\n  - name: Bright Security Scan\n    id: start\n    uses: NeuraLegion/bright-github-actions/run-scan@release\n    with:\n      api_token: ${{ secrets.BRIGHT_TOKEN }}\n      name: GitHub scan ${{ github.sha }}\n      restart_scan: ai3LG8DmVn9Rn1YeqCNRGQ\n  - name: Get the output scan url\n    run: echo \"The scan was started on ${{ steps.start.outputs.url }}\"\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fneuralegion%2Frun-scan","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fneuralegion%2Frun-scan","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fneuralegion%2Frun-scan/lists"}