Our Agent is a portable tool you can download from Zirkul and it's available for Windows, Linux and OSX, no installation is required for using it.
The easiest way to get used to the options available in Job scripts is to copy/paste the templates provided here, but if you want more advanced options, you can interact directly with the Agent in the command line interface, and it will help you in the process of building your custom scripts.
Quick Tutorial
Variables
Setting up variables to be used within the script:
varvar_name='The value here'
Then you can use the variable in several ways:
echovar_name'The value here'echo'The value for the variable is "{{var_name}}"''The value for the variable is "The value here"'
Targets
Targets are the assets managed in Zirkul, such as Web or Mobile Applications, REST APIs, IP addresses, etc. Every scan you will run requires to be assigned to a target by its numeric ID.
You can load a target in scripts and store the information in the object 'target' so you can later use any of the attributes associated to the asset.
target123[ ! ] Target loaded successfully: 150echotarget.id123echo'The target name is: {{target.name}}'Thetargetnameis:CICDtest# Print all target propertiesechotargetCurrenttarget:==================================================id =>150target_type =>'Web Application'owner =><notset>name =>'CICD test'description =>'This is a description'created_date =>'2023-05-23 19:32:42'created_by_api =>Falsecreated_by =>'user@company.com'last_modified_date =>'2023-05-23 19:32:42'last_modified_by_api =>Falselast_modified_by =>'user@company.com'Attributes:cmdb_id =><notset>Compliance:rating =>'A+'critical =>0high =>0medium =>0low =>0informational =>0
Scans
Scans can be requested and updated directly from scripts.
Scan request:
# Typical scan requestnewscandynamicscantargetid:target.idsubject:'Dynamic Scan with for {{target.name}}'status:'not started'url:target.urltoolname:'Zirkul Agent'submit-
The scan type may vary depending on your licensing but usually the options available are:
Dynamic Scan
Static Scan
Network Scan
SCA
IAST
RASP
Pentest
You can list the scan types available by typing:
newscan[ + ] Scan data retrieved from server: Successzirkul(new/scan)#?Commands:===================================================> ?|help# Scan help: Help for scan actions=> exit|back# Exit scan mode: Exit from scan mode=> type [scan type]# Scan type: Select the scan typeAdditionaldetails==================================================Scantypes:DynamicScan,StaticScan,NetworkScan,Pentest,SCA,IAST,RASP,RedTeam,ProactiveThreatDetection
Every scan type has its own attributes so make sure to provide the required values, the question mark can be used everywhere for getting help at any time if you're using the CLI tool.
zirkul#newscandynamicscanzirkul(new/scan/dynamicscan)#?Optionsavailable:===================================================> targetid:<notset># Required: Target ID (Integer)=> subject:<notset># Required: This is the subject or short name for your scan (String)=> description:<notset># Optional: This can be a short description (String) => status : <not set> # Optional: The status can be one of the following (Not started, In ...
=> Assignee:<notset># (User)=> URL:<notset># The URL to scan (url)=> DirectoryRestriction:<notset># (Boolean)=> Enablehttpandhttps:<notset># (Boolean)=> Enableformsubmissions:<notset># (Boolean)=> Credentials:<notset># (ShortString)=> AuthenticationNotes:<notset># (ShortString)=> TimeZone:<notset># (Integer)=> StartDate:<notset># (DateTime)=> DueDate:<notset># (DateTime)=> TimeFrom:<notset># (Integer)=> TimeTo:<notset># (Integer)=> ScanNotes:<notset># (ShortString)=> Toolname:<notset># (ShortString)=> Result:<notset># Assigned grade used for Security Gates (Passed, Failed, Error)=> Responsemessage:<notset># (ShortString)=> DateStarted:<notset># (DateTime)=> DateCompleted:<notset># (DateTime)Actions:===================================================> ?|help# New Scan help: Help for new scan actions=> exit|back# Exit scan request: Exit from scan request mode=> submit# Submit request: Request a new scanzirkul(new/scan/dynamicscan)#
The action "submit" send the request to Zirkul for creating a new scan, if the request is approved, the current scan is stored in the object "scan":
echoscan.id123
Update scans
If you want to update an existing scan, you can load it for modifying any of its attributes:
# Load a scan by idscan123status:'in progress'description:'Scanning Target {{target.id}}'update-# Load the current scan if it was previously loadedscanscan.idstatus:'completed'description:'Scanning Target {{target.id}}'update-
Web scan with Zirkul Scanner
The Agent has a built-in vulnerability scanner you can use for detecting issues in your web applications:
scannerurlscan.urlstartspider-
Plugins
The most powerful feature the Agent has is the ability to run scans with external tools, you can use plugins for well-known tools and orchestrate everything from Zirkul with this functionality.
For example, let's say you want to run a scan using Burp Suite Pro/Enterprise, nmap, OWASP ZAP, Wapiti, etc and get everything published in Zirkul, this is possible with the plugins available in the marketplace.
plugins[ ! ] Plugins Available:=> burp# BurpSuite: BurpSuite integration for Dynamic automated scanning=> sonarqube# SonarQube: SonarQube integration for Static Analysis=> zap# OWASP ZAP: Run OWASP ZAP[ ! ] For loading plugins use: load <plugin_name>
Example: OWASP ZAP
loadzap[ + ] Downloading plugin: zap[ + ] Plugin file downloaded[ + ] Installing plugin: zap[ + ] Loading plugin: zapRunOWASPZAPHowtouse:OWASPZAPVersion:1.1==================================================usage:zapOWASPZAPpluginrequirethefollowingparameters:===================================================> url:<notset># url (Required): URL ZAP will be scanning => args : <not set> # args: Send custom arguments for running ZAP (override other parame...
=> port:9995# port: The port used by ZAP for running the local proxy => apikey : <not set> # apikey: Setup a custom API key for ZAP, if not provided JaguarScan...
=> path : <not set> # path: Custom path for locating the zap.bat or zap.sh script, if no...
=> memory:512# memory: You can specify how much memory Zap will use (512 default) => scantype : 'full' # scantype (Required): What scan type do you want ZAP to run: spider...
Return="vuln"Commands:===================================================> ?# Help: Show this message=> run# Run: Execute this plugin=> back# Exit: Close this plugin
Publishing results
The results from all the security scans and plugins you run in the script are stored locally in the Agent's memory, you must explicitly publish the results for uploading the issues to Zirkul.