Running Arachni via Jenkins

Elirowenabeth Manoñgas's Avatar

Elirowenabeth Manoñgas

12 Oct, 2016 01:37 AM

Can i run arachni during jenkins build? From the thread that i've read, normally it is added in Jenkins as a post build action and we're using URL's for the application where the scan should be performed. How about doing a scan on a set of raw codes on jenkins workspace before it gets packaged into a war file. Which means running a scan during Jenkins build. Is this possible?

  1. 1 Posted by Elirowenabeth M... on 12 Oct, 2016 01:44 AM

    Elirowenabeth Manoñgas's Avatar

    2nd question : Do we really need to run arachni having a URL as it's parameter? or can we run it with files under a specific workspace.

  2. Support Staff 2 Posted by Tasos Laskos on 12 Oct, 2016 08:51 AM

    Tasos Laskos's Avatar

    I'm not that familiar with Jenkins so I'm afraid I can't help you with this.

  3. 3 Posted by Elirowenabeth M... on 12 Oct, 2016 08:54 AM

    Elirowenabeth Manoñgas's Avatar

    Any thought's if it's possible to pass a parameter of the current directory to do the scan?

    Currently, we do this in arachni
    /opt/arachni/bin/arachni --checks=*

    Would this be possible if i will do this?
    /opt/arachni/bin/arachni . --checks=*

    Note : (.) signifies the current directory of my source code for my web app.

  4. Support Staff 4 Posted by Tasos Laskos on 12 Oct, 2016 08:55 AM

    Tasos Laskos's Avatar

    Arachni doesn't do static analysis, it needs a live webapp not its source code.

  5. 5 Posted by Elirowenabeth M... on 12 Oct, 2016 08:59 AM

    Elirowenabeth Manoñgas's Avatar

    Oh, alright. Makes sense.. Thanks. :)

  6. Support Staff 6 Posted by Tasos Laskos on 12 Oct, 2016 09:02 AM

    Tasos Laskos's Avatar

    No problem.

    Cheers

  7. Tasos Laskos closed this discussion on 12 Oct, 2016 09:02 AM.

Comments are currently closed for this discussion. You can start a new one.

Keyboard shortcuts

Generic

? Show this help
ESC Blurs the current field

Comment Form

r Focus the comment reply box
^ + ↩ Submit the comment

You can use Command ⌘ instead of Control ^ on Mac