OrenGitHub/dhscanner

GitHub: OrenGitHub/dhscanner

A free, open-source static application security testing (SAST) tool that supports file-system and container scanning and can be integrated into a CI/CD pipeline to detect code vulnerabilities automatically.

Stars: 5 | Forks: 2

### Dhscanner [![tests](https://static.pigsec.cn/wp-content/uploads/repos/2026/04/bd5a2b5185231024.svg)](https://github.com/OrenGitHub/dhscanner/actions/workflows/tests.yml)

### GitHub Actions ( 👈 preferred and simplest method )

The yaml file to copy:

```
name: dhscanner-sast
on:
  push:
    branches:
      - main
jobs:
  run-dhscanner:
    runs-on: ubuntu-latest
    steps:
      - name: clone dhscanner (with submodules)
        run: |
          git clone --recurse-submodules https://github.com/OrenGitHub/dhscanner
          cd dhscanner
          docker compose -f compose.rel.x64.yaml up -d
      - name: checkout specific tag
        uses: actions/checkout@v4
      - name: send the whole repo to dhscanner
        run: |
          tar -cz . | curl -v -X POST \
            -H "X-Code-Sent-To-External-Server: false" \
            -H "Content-Type: application/octet-stream" \
            --data-binary @- http://127.0.0.1:443/ > output.sarif
      - name: Upload SARIF results
        uses: github/codeql-action/upload-sarif@v3
        with:
          sarif_file: output.sarif
      - name: fail workflow if sarif contains findings
        run: |
          if jq '.runs[].results | length > 0' output.sarif | grep -q 'true'; then
            echo "Sarif findings detected, failing the workflow"
            exit 1
          fi
```
### Command line [^1]

All you need is docker 🐳 to install and run dhscanner!

Clone the repository:

```
$ git clone --recurse-submodules https://github.com/OrenGitHub/dhscanner
$ cd dhscanner
```

Fastest release build for x64 systems:

```
$ docker compose -f compose.rel.x64.yaml up -d
```

Fastest release build for ARM / aarch64 systems:

```
$ docker compose -f compose.rel.aarch64.yaml up -d
```

Development build (all systems):

```
$ docker compose -f compose.dev.yaml up -d
```

Start scanning!

```
$ python ./cli.py --scan_dirname ../the/src/dir/to/scan --ignore_testing_code true
```

[^1]: takes about 3 minutes on a modern laptop
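The workflow's last step fails the build on any SARIF result at all. As an added example (not part of the dhscanner project's code) here is the same gate in Python, run over a constructed SARIF document, with an assumed minimum-severity threshold so that informational results can be ignored:

```python
import json

# Constructed sample SARIF shaped like the workflow's output.sarif (made-up values).
SAMPLE_SARIF = json.dumps({
    "runs": [
        {
            "results": [
                {"ruleId": "sqli", "level": "error",
                 "message": {"text": "tainted input reaches a query"}},
                {"ruleId": "hardcoded-secret", "level": "warning",
                 "message": {"text": "possible credential in source"}},
                {"ruleId": "style", "level": "note",
                 "message": {"text": "informational only"}},
            ],
        },
        {"results": []},  # a run with no findings
    ],
})

# SARIF result levels, ordered by severity.
LEVEL_RANK = {"none": 0, "note": 1, "warning": 2, "error": 3}


def count_findings(sarif_text, min_level="warning"):
    """Return {ruleId: count} for results at or above min_level across all runs.

    Same gate as the workflow's jq step, but low-severity results can be ignored.
    A result without a level counts as 'warning', the SARIF default.
    """
    doc = json.loads(sarif_text)
    threshold = LEVEL_RANK[min_level]
    counts = {}
    for run in doc.get("runs", []):
        # "results" may be absent or null in a run that produced nothing
        for result in run.get("results") or []:
            level = result.get("level", "warning")
            if LEVEL_RANK.get(level, 0) < threshold:
                continue
            rule = result.get("ruleId", "<no-rule>")
            counts[rule] = counts.get(rule, 0) + 1
    return counts


def should_fail(sarif_text, min_level="warning"):
    """True when the pipeline should fail: at least one qualifying finding."""
    return bool(count_findings(sarif_text, min_level))


if __name__ == "__main__":
    print(count_findings(SAMPLE_SARIF))  # {'sqli': 1, 'hardcoded-secret': 1}
```

To use it in the workflow, pipe the real output.sarif into `should_fail` and `exit 1` on True.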