VoidSec Scanner

CLI orchestrator that runs 3 mature security tools and generates unified reports.

``voidsec scan https://target.com --profile quick`

`Architecture`

`voidsec scan https://target.com ↓ ┌─────────┬─────────┬───────────┐ │ ZAP │ Nuclei │ testssl │ └────┬────┴────┬────┴─────┬─────┘ └─────────┼──────────┘ ↓ Aggregator (dedupe, consolidate) ↓ HTML Report`

`What It Does`

- Single command runs 3 tools - Unified HTML report - Noise reduction (filters informational clutter) - Consolidates same vuln across multiple URLs - Tech detection (Drupal, PHP, nginx versions) - Zero CVE maintenance (Nuclei community handles it)

`What It Doesn't Do`

- Authenticated scanning - Business logic flaw detection - Zero-day detection - API fuzzing - Replace manual pentesting

`Scanners`

`$3`

Docker-based OWASP ZAP baseline scan.

`bash docker run zaproxy/zap-stable zap-baseline.py`

Skipped plugins (noise):

| ID | Name | Why Skip | |----|------|----------| | 10109 | Modern Web Application | Just says "this is SPA" | | 10015 | Re-examine Cache-control | Informational | | 10049 | Non-Storable Content | Informational | | 10050 | Retrieved from Cache | Informational | | 10044 | Big Redirect Detected | 99% false positives | | 10027 | Suspicious Comments | Triggers on TODO/FIXME | | 10112 | Session Management Response | Just says "session exists" | | 10017 | Cross-Domain JS | Merged into SRI finding |

`$3`

Template-based scanner with 5000+ community templates.

`bash nuclei -u https://target.com -t templates/`

Updates:`bash nuclei -update-templates # auto-updates community templates`

Custom templates (/templates/):

| Template | What It Does | |----------|--------------| | drupal-theme-lockfiles.yaml | Exposed package.json/yarn.lock in themes | | drupal-api-user-detail.yaml | JSON:API user detail exposure | | drupal-file-path-disclosure.yaml | Filename leak in 403 errors | | drupal-dev-files-exposed.yaml | Composer.json/lock exposed | | http-options-enabled.yaml | HTTP OPTIONS method enabled | | nextjs-version-detect.yaml | Next.js version via headless browser |

`$3`

SSL/TLS vulnerability scanner.

`bash testssl.sh --jsonfile output.json https://target.com`

Skipped: Scanner errors (engine_problem, scanProblem) - our machine issues, not target.

`Profiles`

| Profile | What It Runs | |---------|--------------| | quick | ZAP baseline + Nuclei (misconfig, exposure) | | standard | + more Nuclei templates | | deep | + fuzzing templates |

Note: SSL/TLS analysis (testssl.sh) is opt-in with --ssl flag.

`Output`

`bash voidsec scan https://target.com --output report.html`

Report includes: - Severity summary (Critical/High/Medium/Low/Info) - Technology detection - Test coverage - Findings with reproduce commands - Passed security checks

`Maintenance`

| Component | Maintenance | How | |-----------|-------------|-----| | Nuclei templates | Zero |nuclei -update-templates| | ZAP | Zero | Docker pulls latest | | testssl | Zero | System updates | | Custom templates | Low | Update when Drupal changes | | Filters | Minimal | Quarterly review |

`Install`

`$3`

`bash

`Install globally`


npm install -g @voidagency/web-scanner
Or use with npx (no installation)

npx @voidagency/web-scanner scan https://target.com --profile quick
Setup dependencies (checks brew, installs nuclei, pulls ZAP image)

voidsec setup

$3

`bash

`Clone and install`


git clone 
cd voidsec
npm install
npm run build
Setup dependencies (checks brew, installs nuclei, pulls ZAP image)

npm run dev -- setup

Requirements: - Node.js 18+ - OrbStack or Docker (for ZAP) - Get OrbStack (recommended, faster & lighter) - Homebrew (for installing nuclei) - nuclei (auto-installed viasetupcommand) - testssl.sh (optional, for SSL/TLS analysis)

Setup Command: Thesetupcommand automatically: - Checks if Homebrew is installed - Checks if Docker/OrbStack is running - Installs Nuclei via Homebrew if missing - Pulls ZAP Docker image if Docker is available

macOS Note: First run will prompt "Chromium wants to use your keychain" - click Always Allow. This is for Nuclei headless templates (Next.js detection). Only asked once.

`Usage`

`bash

`Quick scan`


voidsec scan https://target.com --profile quick
Nuclei only (fast, no Docker)

voidsec scan https://target.com --profile quick --no-zap
With SSL/TLS analysis

voidsec scan https://target.com --ssl
With output

voidsec scan https://target.com --output report.html
Disable CVE lookup

voidsec scan https://target.com --no-cve
Test Drupal checks only

voidsec test-drupal https://target.com

Note: If installed from source, use npm run dev -- prefix (e.g., npm run dev -- scan ...`)

VoidSec Scanner

CLI orchestrator that runs 3 mature security tools and generates unified reports.

``voidsec scan https://target.com --profile quick`

`Architecture`

`What It Does`

`What It Doesn't Do`

- Authenticated scanning - Business logic flaw detection - Zero-day detection - API fuzzing - Replace manual pentesting

`Scanners`

`$3`

Docker-based OWASP ZAP baseline scan.

`bash docker run zaproxy/zap-stable zap-baseline.py`

Skipped plugins (noise):

`$3`

Template-based scanner with 5000+ community templates.

`bash nuclei -u https://target.com -t templates/`

Updates:`bash nuclei -update-templates # auto-updates community templates`

Custom templates (/templates/):

`$3`

SSL/TLS vulnerability scanner.

`bash testssl.sh --jsonfile output.json https://target.com`

Skipped: Scanner errors (engine_problem, scanProblem) - our machine issues, not target.

`Profiles`

| Profile | What It Runs | |---------|--------------| | quick | ZAP baseline + Nuclei (misconfig, exposure) | | standard | + more Nuclei templates | | deep | + fuzzing templates |

Note: SSL/TLS analysis (testssl.sh) is opt-in with --ssl flag.

`Output`

`bash voidsec scan https://target.com --output report.html`

Report includes: - Severity summary (Critical/High/Medium/Low/Info) - Technology detection - Test coverage - Findings with reproduce commands - Passed security checks

`Maintenance`

`Install`

`$3`

`bash

`Install globally`


npm install -g @voidagency/web-scanner
Or use with npx (no installation)

npx @voidagency/web-scanner scan https://target.com --profile quick
Setup dependencies (checks brew, installs nuclei, pulls ZAP image)

voidsec setup

$3

`bash

`Clone and install`


git clone 
cd voidsec
npm install
npm run build
Setup dependencies (checks brew, installs nuclei, pulls ZAP image)

npm run dev -- setup

macOS Note: First run will prompt "Chromium wants to use your keychain" - click Always Allow. This is for Nuclei headless templates (Next.js detection). Only asked once.

`Usage`

`bash

`Quick scan`


voidsec scan https://target.com --profile quick
Nuclei only (fast, no Docker)

voidsec scan https://target.com --profile quick --no-zap
With SSL/TLS analysis

voidsec scan https://target.com --ssl
With output

voidsec scan https://target.com --output report.html
Disable CVE lookup

voidsec scan https://target.com --no-cve
Test Drupal checks only

voidsec test-drupal https://target.com

Note: If installed from source, use npm run dev -- prefix (e.g., npm run dev -- scan ...`)