
Commit 061c771

refactor: simplify auth scanner logging by removing individual test results and using attack chains
1 parent 663d8c6 commit 061c771

1 file changed

Lines changed: 3 additions & 33 deletions


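--- a/internal/orchestrator/bounty_engine.go
+++ b/internal/orchestrator/bounty_engine.go
@@ -797,20 +797,10 @@ func (e *BugBountyEngine) runAuthenticationTests(ctx context.Context, target str
 } else if report != nil {
 e.logger.Infow("SAML scan complete",
 "vulnerabilities_found", len(report.Vulnerabilities),
-"tests_run", len(report.Tests),
+"attack_chains", len(report.AttackChains),
 "component", "auth_scanner",
 )
 
-// Log each test result for audit trail
-for _, test := range report.Tests {
-e.logger.Infow("SAML test result",
-"test_name", test.Name,
-"vulnerable", test.Vulnerable,
-"severity", test.Severity,
-"component", "auth_scanner",
-)
-}
-
 // Convert vulnerabilities to findings
 for _, vuln := range report.Vulnerabilities {
 finding := convertVulnerabilityToFinding(vuln, target)
@@ -857,20 +847,10 @@ func (e *BugBountyEngine) runAuthenticationTests(ctx context.Context, target str
 } else if report != nil {
 e.logger.Infow("OAuth2 scan complete",
 "vulnerabilities_found", len(report.Vulnerabilities),
-"tests_run", len(report.Tests),
+"attack_chains", len(report.AttackChains),
 "component", "auth_scanner",
 )
 
-// Log each test result for audit trail
-for _, test := range report.Tests {
-e.logger.Infow("OAuth2 test result",
-"test_name", test.Name,
-"vulnerable", test.Vulnerable,
-"severity", test.Severity,
-"component", "auth_scanner",
-)
-}
-
 for _, vuln := range report.Vulnerabilities {
 finding := convertVulnerabilityToFinding(vuln, target)
 findings = append(findings, finding)
@@ -914,20 +894,10 @@ func (e *BugBountyEngine) runAuthenticationTests(ctx context.Context, target str
 } else if report != nil {
 e.logger.Infow("WebAuthn scan complete",
 "vulnerabilities_found", len(report.Vulnerabilities),
-"tests_run", len(report.Tests),
+"attack_chains", len(report.AttackChains),
 "component", "auth_scanner",
 )
 
-// Log each test result for audit trail
-for _, test := range report.Tests {
-e.logger.Infow("WebAuthn test result",
-"test_name", test.Name,
-"vulnerable", test.Vulnerable,
-"severity", test.Severity,
-"component", "auth_scanner",
-)
-}
-
 for _, vuln := range report.Vulnerabilities {
 finding := convertVulnerabilityToFinding(vuln, target)
 findings = append(findings, finding)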
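Review bot: The "SAML scan complete" entry in the first hunk, and the matching OAuth2 and WebAuthn entries in the other two, no longer record how many checks ran, so a scan that executed nothing and one that ran every check and found nothing both log `vulnerabilities_found` 0 and `attack_chains` 0. The removed loop's own comment called it the audit trail, and nothing visible in these hunks replaces that record of which checks were run. If `report.Tests` still exists on the report type (not visible here), keeping `"tests_run", len(report.Tests),` next to the new key would preserve coverage evidence without the per-test noise, and per-test detail could move to a debug-level entry rather than disappear. The summary entries also carry no target identifier even though `target` is in scope in each branch; adding `"target", target,` would let an auditor tie each completion line to the host it was run against. runAuthenticationTests starts and ends outside all three hunks.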
