Run a Partial Scan

This article will show you how to run a partial scan with NG SAST.

More specifically, NG SAST allows you to scan only for certain vulnerability categories instead of running a complete scan. You can do this by creating a policy that imports only the dictionaries for the categories you're interested in.

For example, let's say that you're interested in XSS and Remote Code Execution issues. You would need to:

  1. Create a new policy and modify the IMPORT calls so that you only import the categories of interest:

    IMPORT io.shiftleft/defaultdict
    IMPORT io.shiftleft/xss
    IMPORT io.shiftleft/execute

  2. Validate, push, and assign your policy when invoking sl analyze.
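One way to produce such a policy file from the category table on this page, as an added example (not ShiftLeft's own code or CLI): categories are selected by name, by CWE id or by OWASP class, an unknown name is rejected rather than silently dropped, and the rendered text is what you would then validate, push and assign as described above.

```python
# Added example, not ShiftLeft's own code: build an NG SAST partial-scan policy from
# the dictionary categories documented on this page, selected by name, CWE or OWASP.
# Category -> (CWE ids, OWASP class) exactly as listed in the table on this page;
# 'transformers' is shared helper rules and has no mapping.
DICTIONARIES = {
    "environment": ({200}, "A3"),
    "sqlinjection": ({89}, "A1"),
    "nosqlinjection": ({943}, "A1"),
    "xss": ({79}, "A7"),
    "execute": ({77, 78}, "A1"),
    "logWrite": ({200, 117}, "A3"),
    "fileWrite": ({22}, "A5"),
    "fileRead": ({22}, "A5"),
    "deserialization": ({502}, "A8"),
    "xpath": ({643, 91}, "A1"),
    "ldapi": ({90}, "A1"),
    "cookie": ({1004}, "A6"),
    "sessionInject": ({384}, "A2"),
    "leakTerminal": ({200}, "A3"),
    "xxe": ({611}, "A4"),
    "mailSend": ({159, 93}, "A1"),
    "weakRandom": ({338}, "A1"),
    "weakHash": ({916}, "A1"),
    "dllinjection": ({74}, "A1"),
    "xmlinjection": ({643}, "A1"),
    "cloudAccess": ({22}, "A5"),
    "jwtParser": ({347}, "A6"),
    "transformers": (set(), None),
}


def select_categories(names=(), cwes=(), owasp=()):
    """Categories matching any given name, CWE id or OWASP class, in table order.
    An unknown name raises, so a typo cannot quietly drop a check you meant to keep."""
    unknown = [n for n in names if n not in DICTIONARIES]
    if unknown:
        raise ValueError(f"unknown dictionary categories: {unknown}")
    wanted_cwes, wanted_owasp = set(cwes), set(owasp)
    return [cat for cat, (cat_cwes, cat_owasp) in DICTIONARIES.items()
            if cat in names or cat_cwes & wanted_cwes or cat_owasp in wanted_owasp]


def partial_policy(names=(), cwes=(), owasp=()):
    """Render the policy text: defaultdict first, then only the selected categories."""
    lines = ["IMPORT io.shiftleft/defaultdict"]
    lines += [f"IMPORT io.shiftleft/{cat}" for cat in select_categories(names, cwes, owasp)]
    return "\n".join(lines) + "\n"
```

Write the returned string to a file and feed that file to the validate/push steps; passing a set such as {"A1"} for owasp selects every injection-class dictionary in one go.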

Available Dictionary Categories for Import

The following is a list of dictionary categories that you can import into your policies for partial scans.

Category/Import                    | Description                                                   | CWE / OWASP
-----------------------------------|---------------------------------------------------------------|----------------------
IMPORT io.shiftleft/environment    | Environment variables get leaked over HTTP or to the console  | CWE: 200; OWASP: A3
IMPORT io.shiftleft/sqlinjection   | SQL injection over HTTP or via UI                             | CWE: 89; OWASP: A1
IMPORT io.shiftleft/nosqlinjection | NoSQL injection over HTTP                                     | CWE: 943; OWASP: A1
IMPORT io.shiftleft/xss            | XSS to HTTP header or HTML                                    | CWE: 79; OWASP: A7
IMPORT io.shiftleft/execute        | Remote code execution via HTTP or cloud                       | CWE: 77, 78; OWASP: A1
IMPORT io.shiftleft/logWrite       | Sensitive data leak                                           | CWE: 200, 117; OWASP: A3
IMPORT io.shiftleft/fileWrite      | Directory traversal, unsafe unzipping and file write          | CWE: 22; OWASP: A5
IMPORT io.shiftleft/fileRead       | Directory traversal                                           | CWE: 22; OWASP: A5
IMPORT io.shiftleft/deserialization| Deserialization                                               | CWE: 502; OWASP: A8
IMPORT io.shiftleft/xpath          | XPath injection                                               | CWE: 643, 91; OWASP: A1
IMPORT io.shiftleft/ldapi          | LDAP injection                                                | CWE: 90; OWASP: A1
IMPORT io.shiftleft/cookie         | Insecure cookie                                               | CWE: 1004; OWASP: A6
IMPORT io.shiftleft/sessionInject  | Session injection (HTTP data to session)                      | CWE: 384; OWASP: A2
IMPORT io.shiftleft/leakTerminal   | Sensitive data leak to terminal                               | CWE: 200; OWASP: A3
IMPORT io.shiftleft/xxe            | XXE injection                                                 | CWE: 611; OWASP: A4
IMPORT io.shiftleft/mailSend       | Mail injection                                                | CWE: 159, 93; OWASP: A1
IMPORT io.shiftleft/weakRandom     | Weak pseudo-random number generator                           | CWE: 338; OWASP: A1
IMPORT io.shiftleft/weakHash       | Weak hash                                                     | CWE: 916; OWASP: A1
IMPORT io.shiftleft/dllinjection   | Sensitive data to Windows registry                            | CWE: 74; OWASP: A1
IMPORT io.shiftleft/xmlinjection   | XML injection (HTTP data to XML write)                        | CWE: 643; OWASP: A1
IMPORT io.shiftleft/cloudAccess    | Directory traversal (cloud)                                   | CWE: 22; OWASP: A5
IMPORT io.shiftleft/jwtParser      | JWT parsing rules                                             | CWE: 347; OWASP: A6
IMPORT io.shiftleft/transformers   | Common transformers such as encrypt, encode, and decode       |