Run a partial scan
This article will show you how to run a partial scan with preZero.
preZero allows you to scan only for specific vulnerability categories instead of running a complete scan. You can create a policy that imports only the dictionaries for the categories you're interested in.
For example, if you are interested only in XSS and remote code execution issues, you would:

1. Create a new policy and modify the `IMPORT` calls so that you only import the categories of interest:

   ```
   IMPORT io.shiftleft/defaultdict
   IMPORT io.shiftleft/xss
   IMPORT io.shiftleft/execute
   ```

2. Validate, push, and assign your policy when invoking `sl analyze`.
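The following POSIX shell script is an added example, not part of the preZero documentation or the `sl` CLI. It generates a partial-scan policy from the category names listed in the table on this page (always importing `defaultdict` first, as in the example above) and rejects names that are not in that list, so a typo cannot silently produce a policy that scans for nothing. The trailing block that calls `sl policy validate`, `sl policy push` and `sl analyze --policy` only runs when `RUN_SL=1` is set and the CLI is installed; the policy label `partial-xss-rce`, the `ORG_ID` variable and the exact flag spellings are assumptions to be checked against `sl policy --help` and `sl analyze --help`.

```shell
#!/bin/sh
# Added example: build a preZero partial-scan policy from category names.
# Not part of the preZero docs or the sl CLI.

# Dictionary categories listed in the table on this page (the part after
# "io.shiftleft/"). Update this list if the product adds categories.
KNOWN_CATEGORIES="environment sqlinjection nosqlinjection xss execute httpWrite \
logWrite fileWrite fileRead deserialization xpath ldapi cookie sessionInject \
leakTerminal xxe mailSend weakRandom weakHash dllinjection xmlinjection \
cloudAccess jwtParser connectionRedirect ssrf httpHeader weakCipher redos \
grpcWrite deprecated prototypePollution zipbomb transformers android aws"

# is_known_category NAME -> returns 0 if NAME is one of the categories above.
is_known_category() {
    for known in $KNOWN_CATEGORIES; do
        [ "$known" = "$1" ] && return 0
    done
    return 1
}

# partial_policy CATEGORY... -> writes the policy text to stdout.
# defaultdict is always imported first, as in the page's example; every
# requested category must be a known one or the function fails with status 1.
partial_policy() {
    [ $# -gt 0 ] || { echo "usage: partial_policy CATEGORY..." >&2; return 2; }
    for category in "$@"; do
        if ! is_known_category "$category"; then
            echo "unknown dictionary category: $category" >&2
            return 1
        fi
    done
    echo "IMPORT io.shiftleft/defaultdict"
    for category in "$@"; do
        echo "IMPORT io.shiftleft/$category"
    done
}

# Optional end-to-end run (assumed CLI usage; set RUN_SL=1 and ORG_ID to try it).
# Mirrors the page's steps: write the policy, validate it, push it under a
# label, then assign it to a scan with sl analyze.
if [ "${RUN_SL:-0}" = "1" ] && command -v sl >/dev/null 2>&1; then
    partial_policy xss execute > partial.policy || exit 1
    sl policy validate partial.policy
    sl policy push partial-xss-rce partial.policy
    # Assumed: --policy takes the pushed policy ID; --app/--java name the target.
    sl analyze --policy "${ORG_ID:?set ORG_ID}/partial-xss-rce:latest" \
        --app myapp --java target/app.jar
fi
```

Usage: `. ./partial_policy.sh` then `partial_policy xss execute > partial.policy`. Keep the generated file under version control next to the application so that reviewers can see exactly which categories a partial scan covered; a partial scan that omits a category reports nothing for it, which is not the same as a clean result.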
Available dictionary categories for import
The following is a list of dictionary categories that you can import into your policies for partial scans.
Category/Import | Description | CWE/OWASP |
---|---|---|
IMPORT io.shiftleft/environment | Environment variables get leaked over HTTP or to the console | CWE: 200 OWASP: A3 |
IMPORT io.shiftleft/sqlinjection | SQL injection over HTTP or via UI | CWE: 89 OWASP: A1 |
IMPORT io.shiftleft/nosqlinjection | NoSQL injection over HTTP | CWE: 943 OWASP: A1 |
IMPORT io.shiftleft/xss | XSS to HTTP header or HTML | CWE: 79 OWASP: A7 |
IMPORT io.shiftleft/execute | Remote code execution via HTTP or cloud | CWE: 77, 78 OWASP: A1 |
IMPORT io.shiftleft/httpWrite | Data to HTTP | CWE: 200 OWASP: A3 |
IMPORT io.shiftleft/logWrite | Sensitive data leak | CWE: 200, 117 OWASP: A3 |
IMPORT io.shiftleft/fileWrite | Directory traversal, unsafe unzipping and file write | CWE: 22 OWASP: A5 |
IMPORT io.shiftleft/fileRead | Directory traversal | CWE: 22 OWASP: A5 |
IMPORT io.shiftleft/deserialization | Deserialization | CWE: 502 OWASP: A8 |
IMPORT io.shiftleft/xpath | XPath injection | CWE: 643, 91 OWASP: A1 |
IMPORT io.shiftleft/ldapi | LDAP injection | CWE: 90 OWASP: A1 |
IMPORT io.shiftleft/cookie | Insecure cookie | CWE: 1004 OWASP: A6 |
IMPORT io.shiftleft/sessionInject | Session injection (HTTP data to session) | CWE: 384 OWASP: A2 |
IMPORT io.shiftleft/leakTerminal | Sensitive data leak to terminal | CWE: 200 OWASP: A3 |
IMPORT io.shiftleft/xxe | XXE injection | CWE: 611 OWASP: A4 |
IMPORT io.shiftleft/mailSend | Mail injection | CWE: 159, 93 OWASP: A1 |
IMPORT io.shiftleft/weakRandom | Weak Pseudo-Random Number Generator | CWE: 338 OWASP: A1 |
IMPORT io.shiftleft/weakHash | Weak hash | CWE: 916 OWASP: A1 |
IMPORT io.shiftleft/dllinjection | Sensitive data to Windows registry | CWE: 74 OWASP: A1 |
IMPORT io.shiftleft/xmlinjection | XML Injection (HTTP data to XML write) | CWE: 643 OWASP: A1 |
IMPORT io.shiftleft/cloudAccess | Directory traversal (cloud) | CWE: 22 OWASP: A5 |
IMPORT io.shiftleft/jwtParser | JWT parsing rules | CWE: 347 OWASP: A6 |
IMPORT io.shiftleft/connectionRedirect | Network connection redirect | CWE: 918 OWASP: A5 |
IMPORT io.shiftleft/ssrf | Server-side request forgery | CWE: 918 OWASP: A5 |
IMPORT io.shiftleft/httpHeader | HTTP header injection | CWE: 113 OWASP: A1 |
IMPORT io.shiftleft/weakCipher | Weak cipher used | CWE: 327 OWASP: A6 |
IMPORT io.shiftleft/redos | Regular expression denial of service | CWE: 1333 OWASP: N/A - ReDoS |
IMPORT io.shiftleft/grpcWrite | Sensitive data contained in gRPC response | CWE: 200 OWASP: A3 |
IMPORT io.shiftleft/deprecated | Use of deprecated url.parse() function with HTTP data | CWE: 477 OWASP: A9 |
IMPORT io.shiftleft/prototypePollution | Prototype pollution | CWE: 1321 OWASP: A1 |
IMPORT io.shiftleft/zipbomb | Denial of service | CWE: 409 OWASP: A6 |
IMPORT io.shiftleft/transformers | Common transformers such as encrypt, encode, and decode | |
IMPORT io.shiftleft/android | Policies for Android applications | |
IMPORT io.shiftleft/aws | Policies for AWS environments | |