Troubleshooting
We would love to hear your feedback, and are here to help should you encounter any problems. Please drop us a line at support@stackhawk.com.
Incomplete or Missing URLs Found by Spider
To scan your application effectively, it is important that HawkScan find all the paths being served by your application. By default, HawkScan first runs a web crawler or “spider” to discover all the paths of your application before running active scans. For example, the terminal output will look something like this:
[INFO] shawk 2019-10-10 17:44:20,868 Spider complete
[INFO] shawk 2019-10-10 17:44:20,875 24 URLs after spiders
http://localhost:3000
http://localhost:3000/about
http://localhost:3000/assets
http://localhost:3000/assets/account_activation.self-877aef30ae1b040ab8a3aba4e3e309a11d7f2612f44dde450b5c157aa5f95c05.js?body=1
http://localhost:3000/assets/account_activations.self-e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855.css?body=1
http://localhost:3000/assets/action_cable.self-69fddfcddf4fdef9828648f9330d6ce108b93b82b0b8d3affffc59a114853451.js?body=1
http://localhost:3000/contact
http://localhost:3000/help
http://localhost:3000/microposts
http://localhost:3000/microposts/2
http://localhost:3000/microposts/56
http://localhost:3000/microposts/8
http://localhost:3000/robots.txt
http://localhost:3000/search
http://localhost:3000/searchresults
http://localhost:3000/sitemap.xml
http://localhost:3000/users
http://localhost:3000/users/1
http://localhost:3000/users/1/followers
http://localhost:3000/users/1/following
http://localhost:3000/users/2
http://localhost:3000/users/2/edit
http://localhost:3000/users/2/followers
http://localhost:3000/users/2/following
Scan status Stock-Default-Policy (http://host.docker.internal:3000) [4%]
If you do not see URLs and paths that you expect your application to serve, you may need to modify your stackhawk.yml to include form authentication or an API specification. See the app.formAuth and app.api configuration options for more detail.
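One way to check spider coverage automatically is to parse the URL list from the terminal output and compare it against the routes you expect the application to serve. The script below is an added example, not part of HawkScan or the original page; the sample output is constructed in the format shown above, and the expected route list and the `:id` placeholder syntax are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit

# Constructed sample: abbreviated HawkScan terminal output in the format shown above.
SAMPLE_OUTPUT = """\
[INFO] shawk 2019-10-10 17:44:20,868 Spider complete
[INFO] shawk 2019-10-10 17:44:20,875 5 URLs after spiders
http://localhost:3000
http://localhost:3000/about
http://localhost:3000/microposts/2
http://localhost:3000/users/1
http://localhost:3000/users/2/edit
Scan status Stock-Default-Policy (http://host.docker.internal:3000) [4%]
"""

COUNT_RE = re.compile(r"\b(\d+) URLs after spiders\s*$")

def parse_spider_urls(output):
    """Return (reported_count, paths) from the block after 'URLs after spiders'."""
    reported, paths = None, []
    for line in output.splitlines():
        line = line.strip()
        m = COUNT_RE.search(line)
        if m:
            reported, paths = int(m.group(1)), []
        elif reported is not None:
            if not line.startswith(("http://", "https://")):
                break  # first non-URL line ends the spider listing
            paths.append(urlsplit(line).path or "/")
    return reported, paths

def missing_routes(paths, expected):
    """Expected route patterns (':id' matches any one segment) with no spidered path."""
    def matches(pattern, path):
        regex = "/".join("[^/]+" if seg.startswith(":") else re.escape(seg)
                         for seg in pattern.split("/"))
        return re.fullmatch(regex, path) is not None
    return [p for p in expected if not any(matches(p, path) for path in paths)]

if __name__ == "__main__":
    count, found = parse_spider_urls(SAMPLE_OUTPUT)
    if count != len(found):
        print(f"warning: log reports {count} URLs but {len(found)} were listed")
    # Hypothetical route inventory for the application under test.
    expected_routes = ["/", "/about", "/users/:id", "/users/:id/edit", "/admin"]
    for route in missing_routes(found, expected_routes):
        print(f"not discovered by spider: {route}")
```

Routes reported as not discovered are the ones to investigate: they are typically behind a login or only reachable through an API, which is where the form authentication and API specification settings come in.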
Networking
Problem: localhost scans fail, returning the following error:
Error: Unable to scan localhost on ports 0..1023. Please use a permitted port 1024..65535 to proceed.
Solution: HawkScan reports this error when a scan against localhost is configured with a privileged port (0..1023).
HawkScan runs in an unprivileged container, which provides permissions for the userland context only. Scans against localhost must therefore use a permitted port (e.g. 1024..65535).
Please refer to the Docker User Guide for more information.
Still Stuck?
Shoot us a note at support@stackhawk.com. We’d love to help you out.