Probes | DAST Vulnerability Scanner | Fluid Attacks Help

Introduction

Welcome to the section describing Probes, our DAST scanner.
Note: Skims used to be the scanner for all modules. It is undergoing a migration process to create a different scanner for each technique.
Probes is a CLI application that can be configured to analyze URLs and produce detailed reports of the security vulnerabilities found.

End Users are allowed to run Probes as a Free and Open Source vulnerability detection tool.

Integrates configures and runs Probes periodically to find vulnerabilities across the surface of Fluid Attacks customers as part of the Essential plan.

Public Oath

  1. Probes can be used by End Users as a Free and Open Source vulnerability detection tool.
  2. The Probes CLI can be found on DockerHub.
  3. It has a low rate of False Positives, meaning that it only reports vulnerabilities that have an impact.
  4. When the existence of a vulnerability cannot be deterministically decided, Probes will favor a False Negative over a False Positive. In other words, it will prefer failing to report a vulnerability that may have a real impact over reporting a vulnerability that may have no impact.

Architecture

  1. Probes is a CLI application written in Python.
  2. Probes CLI is published on DockerHub so anyone can use it.
  3. Probes CLI performs DAST analysis.
  4. It sends metrics data to AWS CloudWatch.
  5. It sends errors to Bugsnag.

Contributing

Please read the contributing page first.

Development Environment

Configure your Development Environment.

When prompted for an AWS role, choose dev, and when prompted for a Development Environment, pick probes.

Local Environment

Run this command within the universe repository:

m . /probes

This will build and run the Probes CLI application, including the changes you’ve made to the source code.

  1. License: mpl-2.0
  2. References:
    1. Probes repository on GitLab

Probes is made available under the MPL-2.0 License. The full license text is available at the link provided.

Testing

Probes follows the same testing process as Skims, so you can refer to that section of the documentation for help.

Debugging production errors

Probes follows the same architecture as Skims, so you can refer to that section of the documentation for help.
Tip: Have an idea to simplify our architecture or noticed docs that could use some love? Don't hesitate to open an issue or submit improvements.