def onboard_urls(urls: List[Url]):
for url in urls:
logger.info("Onboarding %s" % url)
if url.is_top_level():
logger.debug("Brute known subdomains: %s" % url)
brute_known_subdomains(urls=[url])
logger.debug("Certificate transparency: %s" % url)
certificate_transparency(urls=[url])
logger.debug("nsec: %s" % url)
nsec(urls=[url])
# tasks
logger.debug("Discover endpoints: %s" % url)
scanner_http.discover_endpoints(urls=[url])
# requires endpoints to be discovered, how to run groups of tasks sequentially?
logger.debug("Plain_http: %s" % url)
scanner_plain_http.scan_urls(urls=[url])
# requires endpoints to be discovered
logger.debug("Screenshots: %s" % url)
screenshot_urls(urls=[url])
# security headers and new urls are handled elsewhere.
url.onboarded = True
url.onboarded_on = datetime.now(pytz.utc)
url.save()
def scan_organization(self, organization, scan_type):
logger.debug("Calling %s scan on: %s" % (scan_type, organization))
# explicitly written so the imported functions are used, don't use strings as dynamic function names.
if scan_type == "brute_known_subdomains":
brute_known_subdomains(organizations=[organization])
if scan_type == "brute_three_letters":
brute_three_letters(organizations=[organization])
if scan_type == "brute_dutch":
brute_dutch(organizations=[organization])
if scan_type == "standard":
standard(organizations=[organization])
if scan_type == "search_engines":
search_engines(organizations=[organization])
if scan_type == "certificate_transparency":
certificate_transparency(organizations=[organization])
if scan_type == "nsec":
nsec(organizations=[organization])
def dns_nsec(self, request, queryset):
nsec(urls=list(queryset))
self.message_user(request, "Discover subdomains (using nsec): Done")