Skip to content

Custom scans

You can use Ostorlab CLI to run a scan on the platform with a custom list of checks. The custom list of checks manifests in the form of custom agent settings.

This is useful if you have a private agent or would like to use one of the open-source agents with specific arguments.

An example would be to run the "Nuclei" agent with a predefined list of templates that are not part of the default ones.

Following are the steps needed to run a custom scan:

Ostorlab - Ostorlab Cli

The Ostorlab CLI is responsible for authenticating the user and running the scan on the platform:

pip install ostorlab
  • Login to your ostorlab account, by filling in your username & password;
ostorlab auth login  

Prepare the Agent group definition:

The list of the agents to run and their respective arguments is passed via the Agent group definition file.

An example:

kind: AgentGroup
description: This is a custom agent group to run nuclei with custom templates.
name: custom_agent_group
  - key: agent/ostorlab/nuclei
      - name: use_default_templates
        type: boolean
        description: use nuclei's default templates to scan.
        value: false
      - name: template_urls
        type: array
        description: List of template urls to run. These will be fetched by the agent and passed to Nuclei.
Save your custom agent group definition (agent_def.yaml) to a file that we will use to run the scan.

Run the scan:

oxo scan --runtime=cloud run -g PATH_AGENT_GROUP_DEFINITION COMMAND [ARGS]

For example to scan the url using the agent group defined in /tmp/agent_def.yaml

oxo scan --runtime=cloud run -g /tmp/agent_def.yaml link --url --method GET