Web application discovery

Overview

twigs supports discovering and scanning web applications. This mode discovers a web application running at a given URL, runs a DAST test on it using ZAP Proxy, and discovers the underlying host endpoint and its services using nmap.

Pre-requisites

You need to have nmap installed on the host where you will run twigs. Nmap must be available as /usr/bin/nmap. If you are using the twigs Docker image, nmap is pre-bundled with it.

You also need ZAP proxy installed. Details can be found here.

Steps

The steps to discover assets using nmap in your environment are as follows:

  • Open a new shell / terminal.
  • Check that twigs is installed and running properly by running the command below:

twigs webapp -h

Discover web application using its URL

twigs webapp --url <url> [--assetname <user friendly name>]

This runs a DAST / web application test using ZAP (if available), tests the SSL settings and certificates for any vulnerabilities, and discovers and scans the web application endpoint server for vulnerabilities.
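
The pre-requisite checks and the command above can be combined into one wrapper. This is an added example, not part of the twigs documentation; the function names and the NMAP_PATH and TWIGS override variables are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: pre-flight wrapper around `twigs webapp`.
# /usr/bin/nmap is the path the page requires; NMAP_PATH and TWIGS are
# hypothetical overrides so the checks can be exercised without a scan.
NMAP_PATH="${NMAP_PATH:-/usr/bin/nmap}"
TWIGS="${TWIGS:-twigs}"

# Accept only http(s) URLs with something after the scheme and no spaces,
# so a mistyped value or a stray option is never handed to the scanner.
valid_url() {
    case "$1" in
        *' '*) return 1 ;;
        http://?*|https://?*) return 0 ;;
        *) return 1 ;;
    esac
}

# Print the names of missing pre-requisites; succeed only if none are missing.
missing_prereqs() {
    missing=""
    [ -x "$NMAP_PATH" ] || missing="$missing nmap"
    command -v "$TWIGS" >/dev/null 2>&1 || missing="$missing twigs"
    echo "$missing"
    [ -z "$missing" ]
}

# Validate input and environment, then run the discovery command from the page.
# Returns 2 for a rejected URL and 3 for a missing pre-requisite.
scan_webapp() {
    url="$1"; name="${2:-}"
    valid_url "$url" || { echo "refusing non-http(s) URL: $url" >&2; return 2; }
    miss=$(missing_prereqs) || { echo "missing:$miss" >&2; return 3; }
    if [ -n "$name" ]; then
        "$TWIGS" webapp --url "$url" --assetname "$name"
    else
        "$TWIGS" webapp --url "$url"
    fi
}

# Run only when arguments are given: ./scan.sh <url> [asset name]
if [ "$#" -gt 0 ]; then
    scan_webapp "$@"
fi
```

ZAP is not checked here because the page does not say where twigs expects to find it.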