René's URL Explorer Experiment

{"@context":"https://schema.org","@type":"DiscussionForumPosting","headline":"🚓 Integrate directory busting tool gobuster","articleBody":"## 🚓  Integrate Directory/File, DNS and VHost busting tool gobuster\r\n\u003c!--\r\nThank you for contributing to our project 🙌\r\n\r\nBefore opening a new issue, please make sure that we do not have any duplicates already open. You can ensure this by searching the issue list for this repository. If there is a duplicate, please close your issue and add a comment to the existing issue instead. Also, please, have a look at our FAQs and existing questions before opening a new question.\r\n--\u003e\r\n\r\n### Is your feature request related to a problem\r\n\u003c!-- Please describe a clear and concise description of what the problem is. \r\n     Use commmon user story patterns like https://en.wikipedia.org/wiki/User_story:\r\n      - As a \u003crole\u003e I can \u003ccapability\u003e, so that \u003creceive benefit\u003e\r\n      - In order to \u003creceive benefit\u003e as a \u003crole\u003e, I can \u003cgoal/desire\u003e\r\n      - As \u003cwho\u003e \u003cwhen\u003e \u003cwhere\u003e, I \u003cwant\u003e because \u003cwhy\u003e\r\n     For example... As a secureCodeBox user i'm always frustrated when [...] --\u003e\r\nAs a secureCodeBox user I would like to use [`gobuster`](https://github.com/OJ/gobuster) to find directories, subdomains, vhosts and open S3 buckets for consecutive scans.\r\n\r\n### Describe the solution you'd like\r\n\u003c!-- A clear and concise description of what you want to happen. --\u003e\r\n`gobuster` is integrated into secureCodeBox.\r\n\r\n### Describe alternatives you've considered\r\n\u003c!-- A clear and concise description of any alternative solutions or features you've considered. --\u003e\r\n- [dirbuster](https://sourceforge.net/projects/dirbuster/) seems to be unmaintained, less performant and detects less categories of places.\r\n- [dotdotpwn](https://github.com/wireghoul/dotdotpwn) is only specialized on traversing directory trees than finding new hosts and websites.\r\n\r\n### Additional context\r\n\u003c!-- Add any other context or screenshots about the feature request here. --\u003e\r\n`gobuster` operates either for DNS, directories, S3 buckets or vhosts and requires a wordlist in the most cases.\r\n\r\n## Steps to implement a new scanner\r\nHint: A general guide how to implement a new SCB scanner is documented [here](https://docs.securecodebox.io/docs/contributing/integrating-a-scanner)\r\n\r\n- [ ] Create a new folder with the name of the [scanner here](https://github.com/secureCodeBox/secureCodeBox/tree/master/scanners)\r\n- [ ] Add a `README.gotmpl` and give a [brief overview](https://docs.securecodebox.io/docs/contributing/integrating-a-scanner/readme) of the scanner and its configuration options.\r\n- [ ] Add a HelmChart and document all configuration options.\r\n- [ ] Implement a new scanner specific `scan-type.yaml`\r\n- [ ] Implement a new scanner specific `parse-definition.yaml`\r\n- [ ] Add (optional) some `cascading-rules.yaml` like documented [here](https://docs.securecodebox.io/docs/api/crds/cascading-rule)\r\n- [ ] Add (optional) a `Dockerfile` for the scanner if there is no existing one publicly available on dockerHub\r\n- [ ] Use the [parser-SDK](https://github.com/secureCodeBox/secureCodeBox/tree/master/parser-sdk) to implement a new findings parser (currently based on NodeJS)\r\n- [ ] Add unit tests with at minimum 80% test coverage\r\n- [ ] Add some example `scan.yaml` and `finding.yaml` files in the [example folder](https://docs.securecodebox.io/docs/contributing/integrating-a-scanner/examples-dir)\r\n- [ ] Implement a [new integration or E2E test](https://docs.securecodebox.io/docs/contributing/integrating-a-scanner/integration-tests) for the hook [here](https://github.com/secureCodeBox/secureCodeBox/tree/master/tests/integration)\r\n","author":{"url":"https://github.com/twwd","@type":"Person","name":"twwd"},"datePublished":"2021-04-09T12:40:30.000Z","interactionStatistic":{"@type":"InteractionCounter","interactionType":"https://schema.org/CommentAction","userInteractionCount":5},"url":"https://github.com/363/secureCodeBox/issues/363"}