Hi, I am scanning multiple endpoints with Nikto and ZAP, which produce multiple findings I would love to manipulate. For example, Nikto finds a traceparent header:
Only the ID is different after each run. The ID is present in the name and description fields. I thought about using the post-processing hook to match for something like "Uncommon header 'traceparent' found, with contents" and then replace the entire line with "Uncommon header 'traceparent' found, with contents: REPLACED-FOR-DEDUPLICATION". Is it possible to use the post-processing rules for this?
Hi @moxli
yes (unfortunately) it does. The strings contained in the match pattern need to be a complete match for the finding post-processing hook.
I also think the approach you are taking would unfortunately not work, as the DefectDojo hook is using the "raw" Nikto results for the upload. So when you modify the findings it would not change the results in DefectDojo, because it is using the raw results.
In case anybody is interested: I ended up creating my own Nikto image which just adds the headers I want to exclude to /nikto/databases/db_headers. This prevents Nikto from reporting them in the first place :)
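Added example, not code from this thread, Nikto or the scanner project: it shows the masking the original question asked for as a standalone pass over exported findings, replacing the per-run traceparent value (W3C format `version-traceid-parentid-flags`) in the name and description fields and deduplicating on the masked text. The finding fields `location` and `severity` and the sample findings are assumed/constructed.

```python
import hashlib
import json
import re

# W3C Trace Context value: 2-hex version, 32-hex trace id, 16-hex parent id, 2-hex flags.
TRACEPARENT_RE = re.compile(
    r"(Uncommon header 'traceparent' found, with contents:\s*)"
    r"[0-9a-f]{2}-[0-9a-f]{32}-[0-9a-f]{16}-[0-9a-f]{2}",
    re.IGNORECASE,
)
PLACEHOLDER = "REPLACED-FOR-DEDUPLICATION"


def normalize_text(text: str) -> str:
    """Replace the volatile traceparent value with a stable placeholder; other text is untouched."""
    return TRACEPARENT_RE.sub(lambda m: m.group(1) + PLACEHOLDER, text)


def normalize_finding(finding: dict) -> dict:
    """Return a copy of the finding with name and description masked."""
    out = dict(finding)
    for key in ("name", "description"):
        if isinstance(out.get(key), str):
            out[key] = normalize_text(out[key])
    return out


def fingerprint(finding: dict) -> str:
    """Stable hash over identifying fields once the per-run ID has been masked (field names assumed)."""
    norm = normalize_finding(finding)
    material = json.dumps({k: norm.get(k) for k in ("name", "description", "location", "severity")}, sort_keys=True)
    return hashlib.sha256(material.encode()).hexdigest()


def deduplicate(findings: list) -> list:
    """Keep the first masked finding per fingerprint, preserving input order."""
    seen = {}
    for f in findings:
        seen.setdefault(fingerprint(f), normalize_finding(f))
    return list(seen.values())


# Constructed sample: the same traceparent finding from two scan runs plus an unrelated finding.
SAMPLE_FINDINGS = [
    {"name": "Uncommon header 'traceparent' found, with contents: 00-4bf92f3577b34da6a3ce929d0e0e4736-00f067aa0ba902b7-01",
     "description": "Uncommon header 'traceparent' found, with contents: 00-4bf92f3577b34da6a3ce929d0e0e4736-00f067aa0ba902b7-01",
     "location": "https://example.test/", "severity": "INFORMATIONAL"},
    {"name": "Uncommon header 'traceparent' found, with contents: 00-0af7651916cd43dd8448eb211c80319c-b7ad6b7169203331-01",
     "description": "Uncommon header 'traceparent' found, with contents: 00-0af7651916cd43dd8448eb211c80319c-b7ad6b7169203331-01",
     "location": "https://example.test/", "severity": "INFORMATIONAL"},
    {"name": "Uncommon header 'x-powered-by' found, with contents: Express",
     "description": "Uncommon header 'x-powered-by' found, with contents: Express",
     "location": "https://example.test/", "severity": "INFORMATIONAL"},
]

if __name__ == "__main__":
    print(json.dumps(deduplicate(SAMPLE_FINDINGS), indent=2))
```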