Scanners parser & Plugin

[anandtiwarics]

• Acunetix Scanner
• Anchore-Engine
• Aqua
• Anchore Grype
• Arachni Scanner
• AppSpider (Rapid7)
• AuditJS (OSSIndex)
• AWS Security Hub
• AWS Prowler Scanner
• Azure Security Center Recommendations Scan
• Bandit
• Blackduck Hub
• Brakeman Scan
• Bugcrowd
• Bundler-Audit
• Burp XML
• Burp Enterprise Scan
• CargoAudit Scan
• Checkov
• Clair Scan
• Cobalt.io Scan
• Cobalt.io API Import
• Coverity API
• Crashtest Security
• CredScan Report
• Contrast Scanner
• Checkmarx
• Choctaw Hog parser
• Cloudsploit
• CycloneDX
• DawnScanner
• Dependency Check
• Dependency Track
• DrHeader
• Dockle Report
• Detect-secrets
• ESLint
• Fortify
• Generic Findings Import
• Gosec Scanner
• Gitleaks
• GitLab SAST Scan
• GitLab SCA Scan
• GitLab Container Scan
• GitLab Dependency Scanning Report
• Github Vulnerability
• Hadolint
• Harbor Vulnerability
• Horusec
• HuskyCI Report
• IBM AppScan DAST
• Immuniweb Scan
• IntSights Report
• JFrogXRay
• JFrog XRay Unified
• Kiuwan Scanner
• kube-bench Scanner
• KICS Scanner
• Meterian Scanner
• Microfocus Webinspect Scanner
• MobSF Scanner
• Mobsfscan
• Nessus (Tenable)
• Nessus WAS (Tenable)
• Netsparker
• Nexpose XML 2.0 (Rapid7)
• nodejsscan
• NPM Audit
• Nuclei
• Openscap Vulnerability Scan
• OpenVAS
• OssIndex Devaudit
• Oss Review Toolkit
• PHP Security Audit v2
• PHP Symfony Security Checker
• Probely
• Qualys Scan
• Qualys Webapp Scan
• Retire.js
• Risk Recon API Importer
• SARIF
• ScoutSuite
• Semgrep JSON Report
• SKF Scan
• Snyk
• SonarQube Scan
• SpotBugs
• Sonatype
• SSL Labs
• Sslscan
• Sslyze Scan
• SSLyze 3 Scan
• Testssl Scan
• Terrascan
• Trivy
• Trufflehog
• Trustwave
• Twistlock (Prisma Compute)
• TFSec
• Visual Code Grepper (VCG)
• Veracode
• Wapiti Scan
• Whitesource Scan
• Wpscan Scanner
• Wfuzz JSON importer
• Xanitizer
• Yarn Audit
• Zed Attack Proxy

Scanner File Format Support

[jamesbower]

Any plans on including Nmap as it's own plugin?

[anandtiwarics]

Yes! we have. Please look #18 Popular Tools plugin support.

[jamesbower]

Ok great! Thanks so much. Really been enjoying playing around with this.

[httpdss]

@anandtiwarics this is a great project i'd like to contribute to. Dont know where to add this but it could be great to have scanner parsers for npm packages using the report from npm audit or similar.
also if i would like to work on this, what would be the correct way?

feature request -> approve feature -> assign me to work on it -> make pull request when its done -> you merge if everything is ok ?

keep up the good work!

[Slim-Rush]

Is there any plan to integrate with Nexpose?

[ShubjeetPal]

Can you please include in your blog how to integrate with Azure Devops CI/CD pipelines as extension.
https://docs.microsoft.com/en-us/azure/devops/extend/overview?view=azure-devops
Then get scan data in archerySec from other Azure Devops extension like sonarqube, ZAP etc.