Command Line Interface

Netsparker Standard has a command line interface that you can use to launch a scan. It can be used to integrate automated web application security scans, for example to trigger a scan via a third party application once new source code is submitted to a project. You can also use the command line feature to automate scan operations, including complex scan sequences that target many domains (see Scanning Multiple Websites with Netsparker Standard Command Line).

Command Line Arguments

When using the command line interface you can use arguments to pre-configure the web vulnerability scanner and also specify post scan tasks, such as the generation of a scan report. Here is a list of all the available arguments:

Name: Autopilot Mode
Argument: /a, /auto
For: When this argument is used Netsparker will execute the designated scan, generate a report in the specified location using the specified report template and then exit.

The autopilot option is most commonly used when Netsparker is invoked as part of a batch process.

Name: Scan Profile Name
Argument: /p, /profile
For: Use this argument to specify the name of the Scan Profile that should be used during the scan. If not specified, the default Scan Profile will be used.

Scan Profiles provide a powerful and convenient mechanism to pass complex sets of scan configuration data during command line execution. For example, a profile allows the following scan settings to be defined within Netsparker, and accessed as a single named configuration:

  • The target URL and the scope of the scan, relative to that URL
  • The range of selected security tests
  • The number of threads used for crawling and attacking
  • The active parsers and how their extracted links will be interpreted
  • The target back-end database

Scan Profiles also support advanced scanning concepts, such as the ability to manually import links or add HTTP requests. For further information, see Configuring and Managing Scan Profiles in Netsparker Desktop.

Name: Target URL
Argument: /u, /url
For: Use this option to specify the address (URL) of the target web application or web service. This is a mandatory argument unless a Scan Profile which includes a URL has been specified.

If a Scan Profile is specified, Netsparker will derive its target URL from the Scan Profile. If both a Scan Profile and the URL argument are specified, Netsparker will ignore the Scan Profile and derive its target URL from the URL argument.

Name: Report Path
Argument: /r, /report
For: Use this option to either specify the filename or the path where the report should be saved. If only the filename is specified the report will be created in the folder from which Netsparker Standard is launched. If the target path contains space characters, the path must be specified in double quotes.

This argument should always be used in conjunction with the /auto argument.

Name: Report Template Name
Argument: /rt, /reporttemplate
For: Use this argument to specify the name of the report template. If not specified, the Default Scan Report will be used. You can also use this argument multiple times to export several reports using different templates.

Name: Help
Argument: /h, /help
For: Use this argument to see a list of all the available arguments.

Name: Silent Mode
Argument: /silent
For: Use this argument to suppress error messages. This argument is ideal for scheduling scans and automated jobs.

Name: Authentication Credentials
Argument: /auth
For: Use this argument to specify a combination of username, password and domain information that Netsparker should use with Basic, Digest and NTLM authentication. Some examples follow:

```
/auth username password
/auth username password "host or domain"
/auth username@domain password
/auth host\username password
```

If the username, password or domain contain a space character, they must be specified in double quotes, as shown in these examples. As an alternative to using the /auth argument, credentials can be configured as part of a Scan Profile.

Name: Log HTTP Requests
Argument: /lr, /logrequests
For: Use this option to log all HTTP requests that the Netsparker scanner sends and receives during a web application security scan. The HTTP requests will be saved in a file called “HttpRequests.saz” and will be located within the current scan directory. You can use Fiddler to view the contents of the log file.

Name: Log Level
Argument: /loglevel [1-6]
For: Use this option to set Netsparker's logging level. /loglevel must be followed by an integer value between 1 and 6.

Note: The integer values have the following meanings:

  1. Critical
  2. Error
  3. Warning
  4. Information
  5. Verbose
  6. Activity Tracking
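As an added example that is not part of the Netsparker documentation, this PowerShell function composes a Netsparker Standard argument list from the options above and enforces the rules the text states (a URL or a Scan Profile, /r only together with /a, /loglevel within 1 to 6, double quotes around values that contain spaces). The executable path, target URL and report paths are assumptions.

```powershell
# Added example, not from the Netsparker documentation: composes a Netsparker
# Standard argument list from the documented options and validates the
# combinations the text calls out. Paths and targets are assumptions.
function New-NetsparkerArgumentList {
    param(
        [string]$Url,
        [string]$Profile,
        # Report path -> report template name; each pair becomes "/r <path> /rt <template>"
        [System.Collections.IDictionary]$Reports = [ordered]@{},
        [pscredential]$Credential,
        [string]$AuthDomain,
        [ValidateRange(1, 6)][int]$LogLevel,
        [switch]$Silent
    )
    # /url is mandatory unless a Scan Profile that includes a URL is given
    if (-not $Url -and -not $Profile) { throw "Specify -Url or a -Profile that contains a URL." }
    # /r must always be used together with /a, so require at least one report
    if ($Reports.Count -eq 0) { throw "At least one report (path and template) is required." }

    # Wrap every value in double quotes so paths, names and passwords with spaces survive
    function Quote([string]$Value) { '"' + $Value + '"' }

    $list = @('/a')
    if ($Silent)  { $list += '/silent' }
    if ($Url)     { $list += '/url', (Quote $Url) }
    if ($Profile) { $list += '/profile', (Quote $Profile) }
    foreach ($path in $Reports.Keys) {
        $list += '/r', (Quote $path), '/rt', (Quote $Reports[$path])
    }
    if ($Credential) {
        # /auth places the password on the command line, where other local processes can
        # read it; configuring credentials in the Scan Profile instead avoids that exposure
        $list += '/auth', (Quote $Credential.UserName), (Quote $Credential.GetNetworkCredential().Password)
        if ($AuthDomain) { $list += (Quote $AuthDomain) }
    }
    if ($PSBoundParameters.ContainsKey('LogLevel')) { $list += '/loglevel', "$LogLevel" }
    return ($list -join ' ')
}

# Usage (assumed target and report paths): two reports, warning-level logging, silent mode
$reports = [ordered]@{
    'C:\reports\scan report-1.html' = 'Detailed Scan Report'
    'C:\reports\scan report-2.html' = 'OWASP Top Ten 2013 Report'
}
$argList = New-NetsparkerArgumentList -Url 'http://test23.example.com' -Reports $reports -LogLevel 3 -Silent
$argList
# Start-Process -FilePath 'C:\Program Files (x86)\Netsparker\Netsparker.exe' -ArgumentList $argList -Wait
```

Uncomment the Start-Process line to launch the scan; pass -Credential (Get-Credential) to add /auth without typing the password into the script.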

Command Line Examples

This section includes some examples of how the command line interface can be used in Netsparker Standard.

How to Scan a Website and Generate a Report

  1. Open a Command Prompt.
  2. Change the current directory to the one in which Netsparker.exe is installed.
  3. Enter the following:
    • Command: Netsparker /a /url http://test23.example.com /rt "Detailed Scan Report" /r "C:\reports\scan report.html"
    • Explanation: Scan http://test23.example.com and generate a report using the Detailed Scan Report template. Save the report to C:\reports\scan report.html.

How to Scan a Website and Generate Two Reports

  1. Open a Command Prompt.
  2. Change the current directory to the one in which Netsparker.exe is installed.
  3. Enter the following:
    • Command: Netsparker /a /url http://test23.example.com /r "C:\reports\scan report-1.html" /rt "Detailed Scan Report" /r "C:\reports\scan report-2.html" /rt "OWASP Top Ten 2013 Report"
    • Explanation: Scan http://test23.example.com and generate two reports; scan report-1.html using the Detailed Scan Report template, and scan report-2.html using the OWASP Top Ten 2013 Report template.

How to Scan a Website with NTLM Authentication

  1. Open a Command Prompt.
  2. Change the current directory to the one in which Netsparker.exe is installed.
  3. Enter the following:
    • Command: Netsparker /a /url http://test23.example.com /auth john.doe "secret password" example.com
    • Explanation: Scan http://test23.example.com, and use the username john.doe, the password "secret password" and the domain example.com when challenged for credentials.

How to Generate a Report from a Saved Scan

  1. Open a Command Prompt.
  2. Change the current directory to the one in which Netsparker.exe is installed.
  3. Enter the following:
    • Command: Netsparker /silent /auto /generatereport MyScan.nss /r "Detailed Scan Report.htm" /rt "Detailed Scan Report"
    • Explanation: Load the scan session file MyScan.nss and generate the report Detailed Scan Report.htm using the report template Detailed Scan Report.

How to Set the Netsparker Log Level

  1. Open a Command Prompt.
  2. Change the current directory to the one in which Netsparker.exe is installed.
  3. Enter the following:
    • Command: Netsparker /loglevel 3
    • Explanation: Set the logging level to 3 (Warning).

Scanning Multiple Websites Using the Command Line Interface

There are four steps to scanning multiple websites using the command line interface:

  1. Create a Text File With a List of Targets
  2. Create the Scan Profiles (Optional)
  3. Write the Microsoft PowerShell Script to Launch the Scans
  4. Launch the Security Scans

Each is explained below.

Create a Text File With a List of Targets

Create a text file with a list of all the URLs of the target websites you want to scan. For this example the text file will be called targets_list.txt. Each target URL should be on a line of its own, as shown in this example:

```
http://php.testsparker.com/
http://aspnet.testsparker.com/
```

Create the Scan Profiles (Optional)

If you are not using the default Scan Profile, create a new one for each website you want to scan with Netsparker. You need this if you want to configure Form Authentication or the Scan Policy Optimizer.

For this example we have the following scan profiles:

Scan Profile: php.testsparker.com

Scan Profile: aspnet.testsparker.com

For further information, see Overview of Scan Profiles.

Write the Microsoft PowerShell Script to Launch the Scans

Use a Microsoft PowerShell script to trigger the security scans, replacing the sample variables used in this example with your own.

```powershell
# Path to the Netsparker Standard executable
$NetsparkerExecPath = "C:\Program Files (x86)\Netsparker\Netsparker.exe"

# Variables
$URLs = "C:\Users\User1\Documents\targets_list.txt"
$NetsparkerReportPath = "C:\Users\User1\Documents\"
$NetsparkerReportTemplate = "Detailed Scan Report"

# Skip blank lines in the target list so [System.Uri] does not fail on an empty string
foreach ($url in (Get-Content $URLs | Where-Object { $_.Trim() })) {
    # The host name doubles as the Scan Profile name and the report file prefix
    $domain = ([System.Uri]$url).Host
    # Timestamp the report (year, month, day, hour, minute) so repeated scans of the same host do not overwrite each other
    $report = $NetsparkerReportPath + $domain + "_" + (Get-Date -Format "yyyyMMddHHmm") + ".html"
    # -Wait runs the scans one after another; remove it to launch them all at once
    Start-Process -FilePath $NetsparkerExecPath -Wait -ArgumentList "/url ""$url"" /profile ""$domain"" /a /silent /r ""$report"" /rt ""$NetsparkerReportTemplate"""
}
```

PowerShell Script Variables

The PowerShell script uses the following variables:

Variable: $URLs
Description: The location of the text file that contains the list of target URLs.

Variable: $NetsparkerReportPath
Description: The location where the web security scan reports should be saved once the scans are complete.

Variable: $NetsparkerReportTemplate
Description: The report template Netsparker Desktop should use for the reports.

Launch the Security Scans

Once you run the Microsoft PowerShell script, Netsparker Standard will scan all the target websites and web applications listed in the text file created in the first step, and create a Detailed Scan Report for each scan.
