https://github.com/Arachni/arachni-ui-web

Arachni's Web User Interface.
https://github.com/Arachni/arachni-ui-web

Last synced: about 2 months ago
JSON representation

Arachni's Web User Interface.

• Host: GitHub
• URL: https://github.com/Arachni/arachni-ui-web
• Owner: Arachni
• License: other
• Created: 2012-06-29T21:08:07.000Z (over 12 years ago)
• Default Branch: master
• Last Pushed: 2022-05-03T06:33:12.000Z (over 2 years ago)
• Last Synced: 2024-08-05T17:42:41.732Z (5 months ago)
• Language: Ruby
• Homepage: http://www.arachni-scanner.com/
• Size: 2.88 MB
• Stars: 226
• Watchers: 33
• Forks: 111
• Open Issues: 31
• Metadata Files:
  • Readme: README.md
  • Changelog: CHANGELOG.md
  • License: LICENSE.md

Awesome Lists containing this project

• awesome-hacking-lists - Arachni/arachni-ui-web - Arachni's Web User Interface. (Ruby)

README

        
# Notice

Arachni is heading towards obsolescence, try out its next-gen successor

[Ecsypno](https://www.ecsypno.com/) [SCNR](https://ecsypno.com/scnr-documentation/)!

# Arachni - Web User Interface

    

        Version

        0.6.1.1

    

    

        Homepage

        http://arachni-scanner.com

    

    

        Blog

        http://arachni-scanner.com/blog

    

        Github

        http://github.com/Arachni/arachni-ui-web

     

    

        Documentation

        https://github.com/Arachni/arachni-ui-web/wiki

    

    

        Support

        http://support.arachni-scanner.com

    

    

       Author

       Tasos Laskos (@Zap0tek)

    

    

        Twitter

        @ArachniScanner

    

    

        Copyright

        2013-2022 Ecsypno

    

    

        License

        Arachni Public Source License v1.0 (see LICENSE file)

    

![Arachni logo](http://www.arachni-scanner.com/large-logo.png)

## Synopsis

A web user interface and collaboration platform for the

[Arachni](https://github.com/Arachni/arachni) web application

security scanner framework.

## Features

 - Administrators can manage all:

    - Users

    - Scan configuration Profiles

        - Can set Global Profiles which are available to everyone.

        - Can set the system-wide default Profile.

    - Scans

    - Scan Issues

    - Scan Groups

    - Dispatchers

        - Can set Global Dispatchers which are available to everyone.

        - Can set the system-wide default Dispatcher.

    - Settings

        - Scan

            - Allowed types.

            - Target whitelist using regular expressions.

            - Target blacklist using regular expressions.

            - Global scan limit -- Amount of active scans at any given time.

            - Per user limit -- Amount of active scans at any given time per user.

        - Profile

            - Allowed modules.

 - Users can:

    - Manage, create and share Dispatchers with each other.

    - Manage, create, export, import and share Scan configuration Profiles with each other.

    - Start Scans using one of the available Profiles (and optionally Dispatchers).

    - Organize Scans into Scan Groups for easier management and share their Groups with each other.

    - Manage, comment, share and export reports of their Scans.

    - Discuss and Review Issues:

        - Mark them as false positives

        - Mark them as fixed

        - Mark them as requiring manual verification

            - Add verification steps

            - Mark them as verified

    - Receive Notifications for:

        - Shared Profiles -- Created, updated, shared, deleted.

        - Shared Scans -- Started, paused, resumed, aborted, commented, timed out, suspended.

        - Issues of shared Scans -- Reviewed, verified, commented.

    - Review their Activity.

    - Export reports, review and comment on Scans which have been shared with them by other users.

 - Available Scan types:

    - Direct -- From the WebUI machine to the webapp, no need to setup anything else.

    - Remote -- Using a Dispatcher.

        - Scan is performed from the machine of the Dispatcher to the webapp.

        - Scan assignments can be load balanced when there are multiple Dispatchers available.

    - Grid -- Using multiple Dispatchers.

        - Scan is performed using multiple machines for a super-fast crawl and audit.

        - Scan assignments can be load balanced.

    - Repeat/Revision

        - Repeats a finished scan to identify fixed or new issues.

        - Can use sitemaps of previous revisions to:

            - Avoid crawling

            - Extend a new crawl

    - Overview -- Combines the results of multiple revisions for easy review/management.

 - Scans can be scheduled to be performed at a later date or at predefined intervals.

    - Recurring scans are incremental, with each occurrence being a separate revision.

 - Scan reports can be exported in multiple formats (HTML, XML, YAML and more).

 - Simple, clean, responsive design suitable for desktops, tablets and mobile phones.

## [Usage](https://github.com/Arachni/arachni-ui-web/wiki)

## Bug reports/Feature requests

Submit bugs using [GitHub Issues](http://github.com/Arachni/arachni-ui-web/issues)

and get support via the [Support Portal](http://support.arachni-scanner.com).

## Contributing

If you make improvements to this application, please share with others.

Before starting any work, please read the [instructions](https://github.com/Arachni/arachni-ui-web/tree/experimental#source)

for working with the source code.

* Fork the project.

* Start a feature branch based on the [experimental](https://github.com/Arachni/arachni-ui-web/tree/experimental)

    branch (`git checkout -b  experimental`).

* Add specs for your code.

* Run the spec suite to make sure you didn't break anything (`rake spec`).

* Commit and push your changes.

* Issue a pull request and wait for your code to be reviewed.

## License

Arachni Public Source License v1.0 -- please see the _LICENSE_ file for more information.