generic_security_scan.md

Generic security scanning

Overview

Security scanning is one of the first major steps in any hacker's methodology for finding vulnerabilities in your systems. It works by sending a large number of attack payloads at the target in the hope that one of them triggers something.

Run the attack

You can run the scan using our CLI tool:

docker run --rm -t --network appsec-threat-emulation-network asm/threat-cli run -a 2

This command runs the CLI inside the Docker container. The CLI will launch attacks from this file on the vulnerable application.

Running attack #2:  Generic security scan
Target URL:  http://juiceshop:3000
✔ Basic security scan - done

Result

After launching this attack, you will be able to find the traces in the Datadog ASM explorer, and a security scanner signal will be generated.

Security Traces

You can review the security traces by navigating to ASM trace.


Security Scanner Signal

A security scanner signal will be generated with low severity. You can review the security signals by navigating to ASM Signals.
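To show the kind of correlation that turns many individually flagged requests into one scanner signal, here is an added example (not Datadog's detection rule and not code from this repository). The patterns, thresholds, function names and sample requests are all assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import unquote_plus

# Constructed sample: (epoch seconds, client IP, request path, HTTP status)
SAMPLE_REQUESTS = [
    (100, "10.0.0.5", "/rest/products/search?q=%27%20OR%20%271%27=%271", 200),
    (101, "10.0.0.5", "/.env", 404),
    (102, "10.0.0.5", "/ftp/..%2f..%2fetc/passwd", 403),
    (103, "10.0.0.5", "/rest/products/search?q=<script>alert(1)</script>", 200),
    (104, "10.0.0.5", "/.git/config", 404),
    (105, "10.0.0.5", "/wp-admin/", 404),
    (100, "10.0.0.9", "/rest/products/search?q=apple", 200),
    (130, "10.0.0.9", "/rest/products/search?q=<script>", 200),
    (400, "10.0.0.9", "/.env", 404),
]

# Illustrative attack categories (assumed; a real WAF ruleset is far larger)
ATTACK_PATTERNS = {
    "sqli": re.compile(r"(?i)union\s+select|'\s*or\s+'?1'?\s*=\s*'?1"),
    "xss": re.compile(r"(?i)<script|onerror\s*="),
    "path_traversal": re.compile(r"\.\./"),
    "sensitive_file": re.compile(r"(?i)/\.git/|/\.env|/wp-admin"),
}

def classify(path):
    """Return the set of attack categories matched by the URL-decoded path."""
    decoded = unquote_plus(path)
    return {name for name, rx in ATTACK_PATTERNS.items() if rx.search(decoded)}

def scanner_signals(requests, window=60, min_hits=5, min_categories=3):
    """Flag clients with many flagged requests of several kinds in one window."""
    flagged = defaultdict(list)
    for ts, ip, path, _status in sorted(requests):
        cats = classify(path)
        if cats:
            flagged[ip].append((ts, cats))
    signals = {}
    for ip, hits in flagged.items():
        start = 0
        for end in range(len(hits)):
            while hits[end][0] - hits[start][0] > window:  # slide window forward
                start += 1
            in_window = hits[start:end + 1]
            cats = set().union(*(c for _, c in in_window))
            if len(in_window) >= min_hits and len(cats) >= min_categories:
                signals[ip] = {"severity": "low", "hits": len(in_window),
                               "categories": sorted(cats)}
                break
    return signals
```

Requiring both a hit count and several distinct categories keeps a single odd request from an ordinary user from raising a signal, while a burst of mixed payloads from one client does.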
