🚓 Integrate PingCastle as Active Directory Scanner #388
Description
🚓 New Scanner implementation request
Is your feature request related to a problem
As a secureCodeBox user I would like to use PingCastle as a security scanner to regularly scan ADs (Active Directory). Because PingCastle depends on Windows, a detailed template and how-to could also be useful.
Describe the solution you'd like
Integrate PingCastle as an Active Directory scanner. Provide how-tos and parser.
Additional context
PingCastle is a windows application, so far we are considering the following solutions:
- Compile PingCastle open source code with Mono
- Compile PingCastle with .NET
- Use a windows docker image to run PingCastle there (current problem: VPN Connection)
- Use a VirtualBox Windows Image inside a Linux Docker Image and run PingCastle from there
- Use DockerWine/Wine/Winetricks
Steps to implement a new scanner
Hint: A general guide how to implement a new SCB scanner is documented here
- Create a new folder with the name of the scanner here
- Add a
README.gotmpland give a brief overview of the scanner and its configuration options. - Add a HelmChart and document all configuration options.
- Implement a new scanner specific
scan-type.yaml - Implement a new scanner specific
parse-definition.yaml - Add (optional) some
cascading-rules.yamllike documented here - Add (optional) a
Dockerfilefor the scanner if there is no existing one publicly available on dockerHub - Use the parser-SDK to implement a new findings parser (currently based on NodeJS)
- Add unit tests with at minimum 80% test coverage
- Add some example
scan.yamlandfinding.yamlfiles in the example folder