Beispiel #1
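def onboard_urls(urls: List[Url]):
    """Run the onboarding scans for each url and mark it as onboarded.

    Every url gets endpoint discovery, the plain-http scan and screenshots,
    in that order. Urls for which ``is_top_level()`` is true first go through
    three subdomain discovery steps: known-subdomain brute forcing,
    certificate transparency and nsec.

    No exception is caught here: if any step raises, that url is not marked
    as onboarded and the remaining urls in the list are not processed.

    Args:
        urls: the urls to onboard. Each one is saved with ``onboarded`` set
            to True and ``onboarded_on`` set to the current UTC time.
    """
    for url in urls:
        # The url is passed as a logging argument instead of being
        # %-formatted up front, so the message is only built when the
        # level is enabled.
        logger.info("Onboarding %s", url)

        # Subdomain discovery only runs for top level urls.
        if url.is_top_level():
            logger.debug("Brute known subdomains: %s", url)
            brute_known_subdomains(urls=[url])

            logger.debug("Certificate transparency: %s", url)
            certificate_transparency(urls=[url])

            logger.debug("nsec: %s", url)
            nsec(urls=[url])

        # tasks
        logger.debug("Discover endpoints: %s", url)
        scanner_http.discover_endpoints(urls=[url])

        # requires endpoints to be discovered, how to run groups of tasks sequentially?
        # NOTE(review): the only ordering guarantee visible here is call
        # order. Whether discover_endpoints has finished its work when it
        # returns cannot be told from this function - confirm.
        logger.debug("Plain_http: %s", url)
        scanner_plain_http.scan_urls(urls=[url])

        # requires endpoints to be discovered
        logger.debug("Screenshots: %s", url)
        screenshot_urls(urls=[url])

        # security headers and new urls are handled elsewhere.

        # The flag is set once all calls above have returned without raising.
        url.onboarded = True
        url.onboarded_on = datetime.now(pytz.utc)
        url.save()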
    def handle(self, *args, **options):
        """Start http endpoint discovery, optionally limited to one organization.

        Reads ``options['organization']``. When it is empty or its first
        entry is ``"*"``, ``discover_endpoints`` is called without arguments;
        otherwise the first entry is used as an organization name filter.
        """
        selection = options['organization']

        # No selection and the "*" wildcard are treated the same way:
        # the scanner is called without any organization restriction.
        if not selection or selection[0] == "*":
            scanner_http.discover_endpoints()
            return

        # NOTE(review): filter() returns a queryset, not a single
        # Organization, and that queryset is wrapped in a list below.
        # Confirm discover_endpoints accepts this shape, and what it does
        # when no organization matches the given name.
        matching = Organization.objects.all().filter(name=selection[0])
        scanner_http.discover_endpoints(organizations=[matching])
Beispiel #3
 def discover_http_endpoints(self, request, queryset):
     """Run http endpoint discovery on the selected rows and report back.

     The queryset is turned into a list and handed to
     ``scanner_http.discover_endpoints``; a fixed message is then shown to
     the user through ``message_user``.
     """
     selected_urls = list(queryset)
     scanner_http.discover_endpoints(urls=selected_urls)

     # NOTE(review): "Done" is reported as soon as the call above returns.
     # Whether discovery has actually completed by then is not visible
     # from this method - confirm against discover_endpoints.
     self.message_user(request, "Discover http(s) endpoints: Done")