The project is laid out into several related components. These components can be thought of as either "applications" or "libraries".
"Applications" have a main.js
and are meant to be executables.
These are found in the apps directory.
The current applications are:
- The Scan Engine which listens to the message queue and routes work to the appropriate scanner.
- The API which is responsible for managing HTTPS access to the data.
- The CLI which is a general purpose CLI for interacting with the site scanner components. Currently used to ingest the Target URLs that the site scanner uses, add scan jobs to the queue, clear the queue, and write scan snapshots to S3.
See each of the applications' README.md
s for more info.
To add a new application, use the Nest.js CLI to scaffold the application.
nest g app <app_name>
"Libraries" have an index.js
and are meant to be used by "Applications".
Anything that will be used by multiple "Applications" should likely be a
library.
The libraries are:
- Browser which creates a headless browser for scanning.
- Core Scanner performs all of the basic scanning logic. See Website Data for more info.
- Database which is responsible for all data access.
- Message Queue which is responsible for handling the message queue.
- Ingest which is responsible for ingesting data into the system. Currently, it handles target urls.
To add a new library, use the Nest.js CLI to scaffold the library.
nest g library <library_name>