twigs supports discovering and scanning web applications. This mode discovers a web application running at a given URL, runs a DAST test on it using ZAP Proxy, and discovers the underlying host endpoint and its services using nmap.
You need to have nmap installed on your host (where you will be running twigs). Nmap needs to be available as /usr/bin/nmap. If you are using the twigs docker image, nmap is pre-bundled with it.
You also need ZAP proxy installed. Details can be found here.
The steps to discover assets using nmap in your environment are as follows:
- Open a new shell / terminal.
- Check that twigs is installed and running properly by running the command below:
twigs webapp -h
- Discover the web application using its URL:
twigs webapp --url <url> [--assetname <user friendly name>]
This will run a DAST / web application test using ZAP (if available), test the SSL settings and certificates for any vulnerabilities, and discover and scan the web application endpoint server for vulnerabilities.
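A preflight wrapper for the steps above, added here as an example and not part of twigs. The function names and the `NMAP_PATH` override are assumptions; the `/usr/bin/nmap` location and the `twigs webapp` options are the ones given on this page.

```shell
#!/bin/sh
# Added example: verify the documented prerequisites, then run the scan.
# NMAP_PATH defaults to the location this page requires (override is hypothetical).
NMAP_PATH="${NMAP_PATH:-/usr/bin/nmap}"

# The page requires nmap at a fixed path, so being on PATH alone is not enough.
check_nmap() {
    [ -x "$1" ]
}

check_twigs() {
    command -v twigs >/dev/null 2>&1
}

# Accept only http(s) URLs with a host part and no spaces, so a typo or a
# stray option string is rejected before it reaches the scanner.
valid_url() {
    case "$1" in
        *" "*) return 1 ;;
        http://[!/]*|https://[!/]*) return 0 ;;
        *) return 1 ;;
    esac
}

# Usage: run_webapp_scan <url> [asset name]
# Returns 2 (bad URL), 3 (nmap missing), 4 (twigs missing) or twigs' own status.
run_webapp_scan() {
    url="$1"
    name="${2:-}"
    valid_url "$url" || { echo "invalid URL: $url" >&2; return 2; }
    check_nmap "$NMAP_PATH" || { echo "nmap not found at $NMAP_PATH" >&2; return 3; }
    check_twigs || { echo "twigs not found on PATH" >&2; return 4; }
    if [ -n "$name" ]; then
        # Quote the asset name: user friendly names often contain spaces.
        twigs webapp --url "$url" --assetname "$name"
    else
        twigs webapp --url "$url"
    fi
}

# Run only when arguments are supplied, e.g. ./scan.sh https://app.example.com "Example App"
if [ "$#" -gt 0 ]; then
    run_webapp_scan "$@"
fi
```

Each failed prerequisite returns a distinct exit code, so a CI job can tell a missing prerequisite apart from a scan failure.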