How to Integrate Netsparker with Jenkins

Jenkins is an open source automation server with plugins that support the development of software projects. If you already use Jenkins to automate tasks, you can integrate Netsparker with Jenkins. This enables you to automate Netsparker (Cloud and Desktop) scans and export Netsparker reports. These automated Netsparker tasks are then displayed in the Jenkins UI.

This article explains how to run scans automatically and export reports from Netsparker via Jenkins.

How to Automate Scans and Export Reports From Netsparker via Jenkins
  1. Once you have installed Jenkins, open the Jenkins web user interface. The Jenkins web interface can be reached at: http://127.0.0.1:8080/. This window is displayed.

  2. In the Enter an item name field, type your project name.
  3. Select Freestyle project as the type.
  4. Click OK. The Config window is displayed.

  5. Click the Build Environment tab.
  6. From the Add build step dropdown, select Execute Windows batch command. The Execute Windows batch command panel is displayed.

  7. In the Command field, enter the following command:

cd "C:\Program Files (x86)\Netsparker"
netsparker.exe /a /url http://php.testsparker.com/ /rt "Detailed Scan Report" /r "C:\Program Files (x86)\Jenkins\workspace\netsparker-scan\report_phptestsparkercom.html"

In this command, the value "Detailed Scan Report" passed to the rt parameter is one of the template names contained in the C:\Users\{USERNAME}\Documents\Netsparker\Resources\Report Templates directory.

If any of the template names from this screenshot is used in the command instead of "Detailed Scan Report", the report is generated according to that template instead.

You can read more about parameters here:

https://www.netsparker.com/blog/docs-and-faqs/netsparker-desktop-command-line-interface-arguments/.

  8. Click Save to save the project.
  9. This screenshot shows a Console Output window after the created task runs.

This screenshot shows a Workspace that is created after the task runs.
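
A variant of the batch command entered in the Command field above, added here as an example and not part of the original article: it writes the report to the directory Jenkins exposes as %WORKSPACE% instead of a hard-coded job path, and fails the build when no fresh report is produced. It assumes netsparker.exe returns only after the report has been written; the install path, target URL and file name are the ones used in this article.

```batch
@echo off
setlocal

rem Install location and report file name, as used in the command in this article.
set "NETSPARKER_DIR=C:\Program Files (x86)\Netsparker"
rem WORKSPACE is set by Jenkins for each build, so the job name is not hard-coded.
set "REPORT=%WORKSPACE%\report_phptestsparkercom.html"

rem A freestyle workspace persists between builds. Delete the previous report
rem so that a stale file cannot hide a scan that failed to produce output.
if exist "%REPORT%" del /q "%REPORT%"

rem /d also switches drive in case the workspace is on a different volume.
cd /d "%NETSPARKER_DIR%" || exit /b 1

netsparker.exe /a /url http://php.testsparker.com/ /rt "Detailed Scan Report" /r "%REPORT%"

rem goto is used instead of a parenthesised block because paths such as
rem "Program Files (x86)" contain ")" and would end the block early.
if not exist "%REPORT%" goto :missing

echo Report written to "%REPORT%"
exit /b 0

:missing
echo Netsparker report was not created: "%REPORT%"
rem A non-zero exit code marks the Jenkins build as failed.
exit /b 1
```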

This is a Security Bloggers Network syndicated blog post authored by Omer Citak. Read the original post at: Netsparker, Web Application Security Scanner