-
Notifications
You must be signed in to change notification settings - Fork 2
36 lines (31 loc) · 1.4 KB
/
nuclei.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
name: Nuclei - DAST Scan
on:
push:
branches:
- master
- main
jobs:
nuclei-scan:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Setup Python 3.11
uses: actions/setup-python@v2
with:
python-version: 3.11
- name: Launch WebScripts
run: |
mkdir WebScripts/hardening
echo "{}" > WebScripts/hardening/logs_checks.json
echo "{}" > WebScripts/hardening/uploads_file_integrity.json
echo "{}" > WebScripts/hardening/webscripts_file_integrity.json
echo "{}" > WebScripts/hardening/audit.html
echo "{}" > WebScripts/hardening/audit.txt
echo "{}" > WebScripts/hardening/audit.json
python3.11 -c "import os;f=os.path.join('WebScripts','WebScripts.py');d=open(f).read().replace('force_file_permissions = secure','force_file_permissions=False');open(f,'w').write(d)"
python3.11 -c "import json as j,os;f=os.path.join('WebScripts','config','server.json');d=j.load(open(f));d['server']['force_file_permissions']=False;j.dump(d,open(f,'w'))"
python3.11 -m WebScripts --accept-unauthenticated-user --accept-unknow-user --blacklist-time 0 --auth-failures-to-blacklist 99999 &
- name: Nuclei - DAST Scan
uses: projectdiscovery/nuclei-action@main
with:
target: http://127.0.0.1:8000