VAddy API Command-Line Tool using golang
https://vaddy.net
Go-vaddy can start scan and check the result.
日本語ドキュメントはこちらです。 https://github.com/vaddy/go-vaddy/blob/master/README_ja.md
You can use exe files on go-vaddy/bin
directory.
If you use linux(64bit), use vaddy-linux-64bit.
For example, ./vaddy-linux-64bit api_key userID FQDN
OS | file |
---|---|
Linux(64bit) | vaddy-linux-64bit |
MacOS(64bit Intel) | vaddy-macosx-64bit |
Windows(64bit) | vaddy-win-64bit.exe |
FreeBSD(64bit) | vaddy-freebsd-64bit |
Go-vaddy returns 0 (no errors, no vulnerabilities) or 1 (errors, 1 or more vulnerabilities).
You can check V1/V2 project on the dashboard screen after login.
export VADDY_TOKEN="123455667789"
export VADDY_USER="ichikaway"
export VADDY_HOST="www.examplevaddy.com"
#export VADDY_CRAWL="30"
#export VADDY_SCAN_TYPE="SQLI,XSS,..."
export VADDY_TOKEN="123455667789"
export VADDY_USER="ichikaway"
export VADDY_PROJECT_ID="your project id"
#export VADDY_CRAWL="30"
#export VADDY_SCAN_TYPE="SQLI,XSS"
-
VADDY_USER
is VAddy login ID. -
VADDY_CRAWL
is optional. If you don't specify it, VAddy uses the latest crawl data.
You can specify crawl label keyword onVADDY_CRAWL
like thisexport VADDY_CRAWL="search result pages"
-
VADDY_SCAN_TYPE
is optional to specify a specific scan type. Scan type list document Without this option, all scan will be performed. If you specify an item that does not exist or an item that does not exist in your plan, the errorInvalid scan type selected
will be returned.
cd bin
./vaddy-linux-64bit
Setting these OS environment variables, Post message to the slack when VAddy found vulnerabilities.
export SLACK_WEBHOOK_URL="webhook url"
export SLACK_USERNAME="your user (optional)"
export SLACK_CHANNEL="your channel (optional)"
export SLACK_ICON_EMOJI=":smile: (optional)"
export SLACK_ICON_URL="icon url (optional)"