NPM library to easily set up new scanners for the secureCodeBox

Usage no npm install needed!

<script type="module">
  import securecodeboxScannerScaffolding from 'https://cdn.skypack.dev/@securecodebox/scanner-scaffolding';


Build Status License Known Vulnerabilities

SecureCodeBox Scanner Scaffolding

A wrapper to easily integrate new scanner into the secureCodeBox.

This bundles a few basic concernes every worker service should fullfill:

  • Fetching and completing Tasks
  • Healthcheck endpoints
  • Error handeling


This libary is compatible with Node 8 and beyond.


npm install @securecodebox/scanner-scaffolding


This example shows how this libary can be used:

const SecureCodeBoxScannerScaffolding = require('@securecodebox/scanner-scaffolding');

const worker = new SecureCodeBoxScannerScaffolding(
    // Callback function which will be called when a new scan should be performed
    async targets => {
        return { raw: [], result: [] };
        engineAddress: 'http://localhost:8080',
        // Name of the External Task specified in the Engine
        topic: 'nmap_portscan',
        // Used to generate the worker id. This Example would look something like this: securebox.portscan.60a6ac0c-4e26-40ea-908e-598e9c807887
        workername: 'portscan',
        // Used in the status page and logged on startup to check if the connection to the scanner is successful
        // Needs to return a object with to attribtues version and testRun
        async testScannerFunctionality() {
            return { version: '1.5.3', testRun: 'successful' };
 * Starts a small server with two endpoints:
 *       "/" basic endpoint for healthchecks returns the worker id as a string
 * "/status" returns a json object containing basic information about this worker

Handeling Errors

In case of a scan failure you can throw Errors from the Callback function. The Error message will be submitted back to the engine.