Creating your own scanning rules

ScanSuite supports custom scanning rules for both static (Semgrep) and dynamic (Nuclei) analysis.

To create a new rule, select the rule type (Nuclei or Semgrep), paste the rule text, and click upload:

To view or change a rule, select it from the drop-down menu:

A Nuclei rule can be generated from a vulnerability PoC description using the OpenAI connector. Refer to the Admin Manual to obtain and set up the OpenAI API key.

Paste the description, including the parts of the HTTP request and response used for the vulnerability detection, and click Gen with AI:

The rule will be generated and pasted into the same field. Review it, amend it if necessary, and click Upload:

Semgrep rules can be managed the same way, but AI rule generation is not yet supported.
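
As an illustration of the rule text pasted for the Semgrep type, here is an added example in standard Semgrep YAML syntax (not taken from the ScanSuite documentation). The rule id, message and metadata values are constructed, and it is an assumption that ScanSuite accepts a complete `rules:` document as shown.

```yaml
rules:
  # Constructed example rule: flags Python HTTP calls made with
  # TLS certificate verification switched off.
  - id: example-python-tls-verification-disabled
    languages: [python]
    severity: WARNING
    message: >-
      TLS certificate verification is disabled for this HTTP call.
      Remove verify=False or point verify at a trusted CA bundle.
    metadata:
      category: security
      cwe: "CWE-295: Improper Certificate Validation"
    patterns:
      # Matches requests.get(...), session.post(...), etc. with verify=False
      - pattern: $CLIENT.$METHOD(..., verify=False, ...)
      # Limit matches to HTTP verb methods to reduce false positives
      - metavariable-regex:
          metavariable: $METHOD
          regex: ^(get|post|put|patch|delete|head|options|request)$
```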

To run a scan, choose the respective scanner with the My Rules tag:
