If we stop shipping cascading rules by default (see #914), we could consider adding a separate source of cascading rules.
Some other tools have a rule repository where they have a curated set of configurations for the tool (e.g. semgrep). Offering something similar for scan and cascade rules for SCB would give people a starting point / allow them to share their own cascading rules or scan configurations, which can allow the entire userbase to benefit from the rules written by a single person, if they choose to share them. This way, we can avoid everyone having to reinvent the wheel when it comes to standard workflows like "amass => nmap => ..." cascades.
Of course, it would be a bunch of work to implement this frontend (unless it is just a Git repository with a bunch of subfolders containing yaml files and READMEs for the different scanners) and curate the ruleset and keep it up to date. I'll just leave this here as a starting point for discussions, and if the end result is "this would be way too much work for too little benefit" (or "we don't want to make life too easy for the script kiddies that want to compromise other people's boxes" 😁 ), we'll close it again.
If we stop shipping cascading rules by default (see #914), we could consider adding a separate source of cascading rules.
Some other tools have a rule repository where they have a curated set of configurations for the tool (e.g. semgrep). Offering something similar for scan and cascade rules for SCB would give people a starting point / allow them to share their own cascading rules or scan configurations, which can allow the entire userbase to benefit from the rules written by a single person, if they choose to share them. This way, we can avoid everyone having to reinvent the wheel when it comes to standard workflows like "amass => nmap => ..." cascades.
Of course, it would be a bunch of work to implement this frontend (unless it is just a Git repository with a bunch of subfolders containing yaml files and READMEs for the different scanners) and curate the ruleset and keep it up to date. I'll just leave this here as a starting point for discussions, and if the end result is "this would be way too much work for too little benefit" (or "we don't want to make life too easy for the script kiddies that want to compromise other people's boxes" 😁 ), we'll close it again.