Upon scan completion, the HawkScan results are returned directly in the terminal and sent to the StackHawk Platform.
The HawkScan results will present the total number of found vulnerabilities across all pages in the application, as well as the total number of unique vulnerabilities it finds throughout your app.
The scan results presented in the terminal and in the StackHawk Platform are split into two sections:
- The results summary, reporting the total number of found vulnerabilities across all paths in the application, as well as the total number of unique vulnerabilities found.
- The results payload, with specific details on every found vulnerability and resources to address those vulnerabilities.
The scan results summary contains details about the scanned application, including:
- The number of vulnerabilities found across each risk level
- The total number of found vulnerabilities throughout the application
- The total number of unique vulnerabilities identified by the scan
```
Scan results for http://localhost:3000
High: 1
Medium: 17
Low: 9020
Total: 9038
Unique: 5
```
The scan results payload is organized as a list of every found unique vulnerability across the scan. Each reported vulnerability includes the following fields in its payload:
- Vulnerability: The name of the vulnerability that has been identified.
- Risk: An assessment of the risk presented by the vulnerability.
- Confidence: The confidence that the scan has accurately identified the vulnerability.
- References: Additional external links that can assist in addressing the identified vulnerabilities.
- Paths: The URL paths and associated HTTP methods where vulnerabilities were found.
Reported vulnerabilities may include additional fields in their payload, including:
- Cheatsheet: A link to an applicable OWASP Cheatsheet for this vulnerability.
More information on each payload component is included below.
The vulnerability field is the name of the vulnerability that has been identified. HawkScan is built on OWASP's ZAP scanner and includes both standard vulnerability definitions and additional plugin vulnerabilities.
The risk field is an assessment of the likelihood and impact, with every found vulnerability rated as High, Medium, or Low. The risk severity corresponds as follows:
- Low - Informational and low-impact discoveries, as well as security suggestions.
- Medium - Vulnerabilities with significant impact or ease of exploit.
- High - Vulnerabilities with significant impact and likelihood of exploit, usually with a known corresponding CWE or CVE attached to the vulnerability.
These risk categories are loosely based on the OWASP Risk Rating Methodology.
Vulnerability results are returned ordered by risk, with High items presented first.
The confidence field represents the confidence level that HawkScan has accurately identified the given vulnerability. It is also measured as one of High, Medium, or Low. The confidence level corresponds as follows:
- Low - the results should be independently confirmed for accuracy and relevance.
- Medium - the results are likely accurate.
- High - the results are provided with a strong assurance of accuracy and relevance.
The references field includes links that can help in addressing the identified vulnerabilities. Note that these are pulled from the open source ZAP scanner.
The paths field lists every path in the web application on which the vulnerability was identified, together with the associated HTTP method. If more than 5 paths are identified, the full list of pages affected by the vulnerability can be viewed in the StackHawk Platform.
Often, a single fix can address the same vulnerability found across multiple pages.
The cheatsheet field is an optionally included link to an applicable OWASP Cheat Sheet reference. These are helpful resources on focused security topics that are highly relevant to the reported vulnerability.
Not every vulnerability includes this field in its payload.
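The following is an added example, not StackHawk's or HawkScan's own code, showing how a CI job might consume results shaped like the ones described above: it parses the one-line results summary printed in the terminal (format taken from the example on this page), rebuilds the summary counts from a payload list, orders findings High-first, and fails the build only on High-risk findings whose confidence is at least Medium, leaving Low-confidence results for manual confirmation. The per-finding dict layout (`vulnerability`, `risk`, `confidence`, `references`, `paths`, `cheatsheet`) and the sample findings are constructed for this example and are not HawkScan's real output format; the secondary ordering by confidence and the gating thresholds are this example's own policy.

```python
"""Triage helpers for HawkScan-style scan results (added example, not StackHawk code).

The summary-line format follows the terminal output shown on the page; the
finding dict layout below is an assumption modelled on the payload fields the
page lists, not HawkScan's real machine-readable output.
"""
import re
from collections import Counter

# Ordering used by the terminal: High first. Same scale reused for confidence.
RISK_ORDER = {"High": 0, "Medium": 1, "Low": 2}
CONFIDENCE_ORDER = {"High": 0, "Medium": 1, "Low": 2}

SUMMARY_RE = re.compile(
    r"Scan results for (?P<target>\S+)\s+"
    r"High:\s*(?P<High>\d+)\s+Medium:\s*(?P<Medium>\d+)\s+Low:\s*(?P<Low>\d+)\s+"
    r"Total:\s*(?P<Total>\d+)\s+Unique:\s*(?P<Unique>\d+)"
)

# Summary line copied from the page's example output.
SAMPLE_SUMMARY_LINE = (
    "Scan results for http://localhost:3000 High: 1 Medium: 17 Low: 9020 "
    "Total: 9038 Unique: 5"
)

# Constructed sample payload: four unique findings, ten path occurrences.
# The fourth has six paths so the ">5 paths" truncation rule is exercised.
SAMPLE_FINDINGS = [
    {"vulnerability": "Constructed medium-risk header finding", "risk": "Medium",
     "confidence": "Medium", "references": ["https://example.invalid/ref-1"],
     "paths": [("GET", "/"), ("GET", "/login")], "cheatsheet": None},
    {"vulnerability": "Constructed high-risk finding, confirmed", "risk": "High",
     "confidence": "High", "references": ["https://example.invalid/ref-2"],
     "paths": [("POST", "/search")],
     "cheatsheet": "https://example.invalid/cheatsheet"},  # placeholder URL
    {"vulnerability": "Constructed high-risk finding, unconfirmed", "risk": "High",
     "confidence": "Low", "references": [],
     "paths": [("GET", "/admin")], "cheatsheet": None},
    {"vulnerability": "Constructed low-risk informational finding", "risk": "Low",
     "confidence": "Medium", "references": [],
     "paths": [("GET", "/p%d" % i) for i in range(6)], "cheatsheet": None},
]


def parse_summary(line):
    """Parse the one-line results summary and check that it is internally consistent.

    Raises ValueError if the line does not match, or if the per-risk counts do not
    add up to Total (a sign of truncated or corrupted terminal output).
    """
    m = SUMMARY_RE.search(line)
    if not m:
        raise ValueError("not a HawkScan summary line: %r" % line)
    counts = {k: int(v) for k, v in m.groupdict().items() if k != "target"}
    if counts["High"] + counts["Medium"] + counts["Low"] != counts["Total"]:
        raise ValueError("per-risk counts do not sum to Total")
    counts["target"] = m.group("target")
    return counts


def summarize(findings):
    """Rebuild the results-summary counts from a payload list.

    Per-risk counts and Total are path occurrences (one vulnerability reported on
    three paths counts three times); Unique counts distinct vulnerability names.
    """
    by_risk = Counter()
    for f in findings:
        by_risk[f["risk"]] += len(f["paths"])
    summary = {r: by_risk.get(r, 0) for r in RISK_ORDER}
    summary["Total"] = sum(by_risk.values())
    summary["Unique"] = len({f["vulnerability"] for f in findings})
    return summary


def order_findings(findings):
    """Sort High risk first (as the terminal does); ties broken by confidence (assumption)."""
    return sorted(findings, key=lambda f: (RISK_ORDER[f["risk"]],
                                           CONFIDENCE_ORDER[f["confidence"]]))


def gate(findings, fail_on="High", min_confidence="Medium"):
    """Return the findings that should fail a CI build under this example's policy.

    A finding blocks when its risk is at least `fail_on` and its confidence is at
    least `min_confidence`; Low-confidence results are left for manual review.
    """
    return [f for f in order_findings(findings)
            if RISK_ORDER[f["risk"]] <= RISK_ORDER[fail_on]
            and CONFIDENCE_ORDER[f["confidence"]] <= CONFIDENCE_ORDER[min_confidence]]


def display_paths(finding, limit=5):
    """Mirror the terminal's truncation: first `limit` paths plus how many more exist."""
    paths = finding["paths"]
    return paths[:limit], max(0, len(paths) - limit)


if __name__ == "__main__":
    print(parse_summary(SAMPLE_SUMMARY_LINE))
    print(summarize(SAMPLE_FINDINGS))
    for f in order_findings(SAMPLE_FINDINGS):
        shown, more = display_paths(f)
        extra = " (+%d more, listed in the StackHawk Platform)" % more if more else ""
        print("[%s/%s] %s: %s%s" % (f["risk"], f["confidence"],
                                    f["vulnerability"], shown, extra))
    blocking = gate(SAMPLE_FINDINGS)
    print("blocking findings: %d" % len(blocking))
    raise SystemExit(1 if blocking else 0)
```

Running the script prints the parsed summary, the rebuilt counts, the ordered findings with truncated path lists, and exits non-zero because one High-risk, High-confidence finding is present; the High-risk Low-confidence finding is listed but does not block, matching the page's advice that Low-confidence results be independently confirmed.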