IDE Plugins
Developer self-service security scans - allow developers to run DAST scans from their local environment
Performing security testing earlier in the SDLC is one of the best ways to reduce security risks and the cost of fixing security issues.
Using NightVision's VSCode Extension, developers can quickly and easily run DAST scans from their local environment using shared configuration. Once configured, developers do not need to have any security expertise to run scans from their local environment.
VSCode Extension
Install
Open the NightVision Extension for Visual Studio Code in the Visual Studio Marketplace.
Dependencies
Usage
For this example, we'll use the HTML5 Vulnweb website, one of the public vulnerable websites.
Projects
Create a new project called HTML5-Vulnweb.
Targets
Create a new target called HTML5-Vulnweb-Target and set the URL to http://testhtml5.vulnweb.com.
Authentications
Create a new Playwright authentication named HTML5-Vulnweb-Auth and set the URL to http://testhtml5.vulnweb.com. This opens a Chrome window at the specified URL. Log in with the username admin and the password admin. With this authentication, the scan can test the parts of the website behind login screens and other authentication barriers and reveal issues there.
Scans
Initiate a new scan using the target we just set up. NightVision will begin analyzing the website for vulnerabilities.
You can monitor the scan while it is in progress, or review it after completion to see the vulnerabilities NightVision has identified on the website.
