Skip to content
/ dastardly Public

PortSwigger Dastardly Action with SARIF Support

2 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

chtzvt/dastardly

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
.github/workflows
.github/workflows
 
 
examples
examples
 
 
README.md
README.md
 
 
action.yml
action.yml
 
 

Repository files navigation

Dastardly (With SARIF Support)

Welcome!

This is an extended version of PortSwigger's Dastardly action, with added support for the Static Analysis Results Interchange Format (SARIF).

This repository wraps PortSwigger's base Dastardly action, adding a script that converts the JUnit XML produced by Dastardly into SARIF for consumption by GitHub's Code Scanning tools.

Usage

Adding the Dastardly SARIF action to your workflows is simple:

  - uses: chtzvt/dastardly@v1
    with: 
        target-url: https://ginandjuice.shop/
        enable-sarif-report: true

Inputs

This action accepts the following inputs:

  • target-url: The full url (including scheme) of the site to scan.

  • enable-junit-report: Whether to enable the junit report. This will be uploaded as an artifact

  • enable-sarif-report: Whether to enable the sarif report. This will be uploaded as a code scanning result

Extra options (you probably don't need to tweak these, but they're helpful for corner cases):

  • output-filename: The filename used for the scan report. This filepath relates to the dastardly container, and will exist in the github workspace (/github/workspace)

  • upload-raw-report: Whether to upload the raw Dastardly JUnit report as an artifact

About

PortSwigger Dastardly Action with SARIF Support

Resources

Readme
Activity

Stars

2 stars

Watchers

2 watching

Forks

1 fork
Report repository

Releases 1

v1 Latest
Jul 12, 2023

Packages

No packages published