Skip to content

Scanning Engine v2 - Module - Bootstrap

Overview

The bootstrap scanning module is the root of every job's task tree, acting similar to the Unix init process. bootstrap looks at a job's definition and builds a task tree of modules, adding implicit portscan module invocations where necessary.

Targeting

This module has no targeting, it only evaluates the job definition submitted by the client.

Disabling Implicit Port Scans

By default this module will look at all modules in a job and create a corresponding portscan invocation for each TCP and UDP port declared in a module invocation's ports key. Performing a port scan prior to running a full scanning module speeds up most jobs, which is why we've made it the default behaviour. There are still some situations in which we recommend disabling port scanning.

If you know that all the declared ports on all the declared targets in a job are open, then port scanning is a waste. If there's any uncertainty about the state of the services on those ports, you should instead run a port scan. Port scans send TCP SYN packets or UDP probes to a target's ports and are built for speed, so leaving it enabled may add a task to your job's task tree and introduce some coordination overhead, but avoiding a single HTTP exchange timing out should recoup the cost.

If the module you are using will operate on a TLS service that switches its responses based on the Server Name Indication (SNI) extension, such as HTTPS, then you may want to disable port scanning. When a hostname target is passed to portscan it is translated into its corresponding IP addresses and the hostname is forgotten for the remainder of the task tree. This is a known limitation of the system in its current state.

Configuration

Only the publicly-available configuration keys that can be set in a job's module invocations will be described below. Additional configuration keys may exist, but not be shown here because they are restricted to specific users or because they are permanently set as a static value. If no keys have (required) after their names then invocations of this module need not contain a config key.

Named Keys

portscan

Portscanning can be disabled.

  • Type: boolean
  • Default: True

Schemas

There are no published schemas for the bootstrap module because its output is not used to produce results. The output of the bootstrap module is used only by the Minion to create and upload tasks definitions that Krang will distribute to other Minions.

Changelog

  • YYYY-MM-DD: Initial public release of documentation.