
Security/Projects/Minion

2,264 bytes removed, 14:56, 19 October 2012
no edit summary
* [[User:Psiinon|Psiinon]]
* TBA
 
=TODO - move everything below here into one of the sub pages...=
 
===Minions (Scanners)===
* Receive kickoff from task engine
* Scan target
* Send results back to task engine in necessary format (JSON)
 
===Target===
* Site hosted by developer
* Can be hosted or running locally
 
==Configuration Abstraction==
To pass data between components, a standard configuration and data scheme must be used. For Minion, we have decided to pass data as JSON over a REST API. For example, the user interface will collect the necessary options, then call the task engine and pass it a JSON string of those options. The task engine will read the options and use each installed tool's REST API to make requests to the tool (some tools may need different options than others). Each tool will pass its results back to the task engine as a JSON string, and the task engine will compile all returned results into a single JSON string, which is returned to the interface. The interface will deconstruct the string into human-readable results and display them on the results page.
 
===Basic Tool Requirements===
Each tool takes a number of base options, plus optional settings that can improve the scan's accuracy or increase its functionality.
 
====Zed Attack Proxy====
Base options: URL
 
Optional: spider depth-level, CSRF tokens, authentication information, parameters to fuzz
 
====Garmr====
Base options: URL
 
Optional: parameters to test
 
Note: most options with Garmr involve output, which should be handled without interaction from the user.
 
====Skipfish====
Base options: URL
 
Optional: authentication credentials, cookie values, non-standard header information, scan time limit (see http://code.google.com/p/skipfish/wiki/SkipfishDoc for a full list)
 
Note: Skipfish has a lot of additional options that include domains to exclude in crawling, domains to ignore in testing, wordlist generation, folder output, etc. To make it as easy to use as possible, the Skipfish plugin should include defaults for all of these options so that the user will never need to worry about the options.
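
The flow described under Configuration Abstraction, combined with the per-tool options listed above, as an added sketch (not Minion's own code). The option key names, tool keys, and function names are hypothetical, and the tool's REST API is replaced by a constructed stand-in so the example runs offline.

```python
import json
from urllib.parse import urlparse

# Hypothetical option names per tool, derived from the lists on this page.
TOOL_OPTIONS = {
    "zap": {"spider_depth", "csrf_tokens", "auth", "fuzz_params"},
    "garmr": {"test_params"},
    "skipfish": {"auth", "cookies", "headers", "time_limit"},
}

def build_tool_requests(options_json):
    """Turn the interface's JSON string into one option dict per tool."""
    opts = json.loads(options_json)
    url = opts.get("url")
    parsed = urlparse(url if isinstance(url, str) else "")
    # URL is the one base option every tool requires; reject anything else.
    if parsed.scheme not in ("http", "https") or not parsed.hostname:
        raise ValueError("base option 'url' must be an http(s) URL")
    requests = {}
    for tool, wanted in opts.get("tools", {}).items():
        if tool not in TOOL_OPTIONS:
            raise ValueError("unknown tool: %s" % tool)
        unknown = set(wanted) - TOOL_OPTIONS[tool]
        if unknown:  # refuse options the tool is not declared to accept
            raise ValueError("%s does not accept %s" % (tool, sorted(unknown)))
        requests[tool] = dict(wanted, url=url)
    return requests

def compile_results(requests, run_tool):
    """Call each tool and merge the JSON strings it returns into one."""
    compiled = {"results": {}, "errors": {}}
    for tool, tool_opts in sorted(requests.items()):
        try:
            compiled["results"][tool] = json.loads(run_tool(tool, json.dumps(tool_opts)))
        except Exception as exc:  # one failed or malformed reply must not sink the run
            compiled["errors"][tool] = str(exc)
    return json.dumps(compiled, sort_keys=True)

# Constructed sample: options as the interface might send them.
SAMPLE = json.dumps({"url": "http://localhost:8000/",
                     "tools": {"zap": {"spider_depth": 2}, "garmr": {}}})

def fake_tool(tool, body):
    """Constructed stand-in for a tool's REST API (no network access)."""
    if tool == "garmr":
        return "not json"  # simulate a broken reply
    return json.dumps({"target": json.loads(body)["url"], "issues": []})

if __name__ == "__main__":
    print(compile_results(build_tool_requests(SAMPLE), fake_tool))
```

Validating the option set in the task engine, before anything reaches a tool, keeps unexpected keys from the interface out of the scanners' requests.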
 
==Installation Notes==
 PYTHONPATH="$PYTHONPATH:$HOME/minion/task_engine"
 PYTHONPATH="$PYTHONPATH:$HOME/minion/plugins"
 export PYTHONPATH
 
 sudo easy_install bottle