Skip to content

Scan Templates

Jump to bottom
My Random Thoughts edited this page Apr 7, 2020 · 1 revision

There are many options available in order to create a new scan template. The GUI breaks down each section and helps to fill out each part. The API has over 70 different options. That a would be a lot of parameters!

In order to help with the process of creating a new scan template, I have created four helper functions. Each one for each of the four main sections of the template:

  • Asset Discovery (mandatory)
  • Vulnerabilities (required if web spidering is used)
  • Web Spidering
  • Policies

Each helper is described further below

Main New-NexposeScanTemplate function

After giving the New-NexposeScanTemplate function a few required parameters like Name and Description, there are four [hashtable] type parameters that are used for each of the sections above. The helper functions can be used to create the required input for them.

This function has parameters for the General section within the GUI

Helper: Invoke-NexposeScanTemplateHelperAssetDiscovery function

This function has all the options for asset discovery and covers the following sections within the GUI:

  • Asset Discovery
  • Service Discovery
  • Discovery Performance

Helper: Invoke-NexposeScanTemplateHelperVulnerabilities function

This function has all the options for vulnerabilities and covers the following sections within the GUI:

  • Vulnerability checks
  • File Searching (*API does not cover this section yet)
  • Spam Relaying (*API does not cover this section yet)
  • Database Servers
  • Mail Servers (*API does not cover this section yet)
  • CVS Servers (*API does not cover this section yet)
  • DHCP Servers (*API does not cover this section yet)
  • Telnet Servers

Helper: Invoke-NexposeScanTemplateHelperWebSpidering function

This function has all the options for web spidering and covers the following sections within the GUI: If these options are used, the vulnerabilities section must also be used

  • Web Spidering

Helper: Invoke-NexposeScanTemplateHelperPolicies function

This function has all the options for policies and covers the following sections within the GUI:

  • Policies
  • All other sections with this option are not covered due to the API not supporting them. Rapid7 support have said they are legacy options and will not be covered.

Example Code

$assetHash = (Invoke-NexposeScanTemplateHelperAssetDiscovery -TcpPorts @(1,2,3) -...)
$vulnHash = (Invoke-NexposeScanTemplateHelperVulnerabilities -ChecksUnsafe -...)
New-NexposeScanTemplate -Name '' -Description '' -Discovery $assetHash -Vulnerabilities $vulnHash

Clone this wiki locally