npx to run a one-off scan of a website:
npx is-website-vulnerable https://example.com [--json] [--js-lib] [--mobile|--desktop] [--chromePath]
The CLI will gracefully handle cases where the URL to scan is missing by prompting you to enter it:
$ npx is-website-vulnerable Woops! You forgot to provide a URL of a website to scan. ? Please provide a URL to scan: › https://example.com ...
To build and run the container locally:
# Clone Repo: git clone https://github.com/lirantal/is-website-vulnerable.git # Change to repo's cloned directory: cd is-website-vulnerable # Build Image locally: docker build -t lirantal/is-website-vulnerable:1.0 . --no-cache # Run container: docker run -e SCAN_URL="https://www.google.com/" lirantal/is-website-vulnerable:1.0
SCAN_URL is an environment variable and the value for that can be replaced with desired URL during Docker run. Docker container will exit once the scan has been completed.
⚠️ A modern version of Chrome is assumed to be available when using
is-website-vulnerable. It may not be safe to assume that this is satisfied automatically on some CI services. For example, additional configuration is necessary for Travis CI.
You can install globally via:
npm install -g is-website-vulnerable
Please consult CONTRIBUTING for guidelines on contributing to this project.