Plugin Architecture

Enterprise

Extend Ravenscan's scanning capabilities with custom plugins for proprietary protocols, internal applications and custom compliance checks.

Plugin types

YAML check templates

Nuclei-compatible YAML templates for HTTP-based checks. Define request matchers (status code, body content, regex), extractors (version, header values), and severity. Drop templates into ~/.ravenscan/plugins/ and they are loaded on next scan.

Protocol auditors

Go plugins that implement the Auditor interface. Receive the target host/port and service fingerprint, perform custom protocol checks, and return findings. Compiled as shared libraries.

Report exporters

Custom report output formats. Implement the Exporter interface to generate reports in proprietary formats (e.g., client-specific templates, GRC platform imports).

Notification channels

Custom notification providers beyond the built-in Slack/Teams/webhook. Implement the Notifier interface for PagerDuty, OpsGenie, custom ticketing systems.

YAML template example

id: custom-admin-panel
info:
  name: Custom Admin Panel Detection
  severity: medium
  tags: discovery, admin

http:
  - method: GET
    path:
      - "{{BaseURL}}/admin"
      - "{{BaseURL}}/management"
    matchers:
      - type: status
        status: [200, 301, 302]
      - type: word
        words: ["login", "admin", "dashboard"]
        condition: or
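
The two matchers in the template above, evaluated against constructed responses. This is an added example, not Ravenscan's own code. It assumes Nuclei's documented semantics carry over to Ravenscan: matchers combine with OR unless `matchers-condition: and` is set, and word matchers are case-sensitive on the body. The function names and sample responses are hypothetical.

```python
# Added illustration: evaluates the page's two matchers under Nuclei's
# documented matcher semantics (assumed to apply to Ravenscan, which the
# page describes only as "Nuclei-compatible").

# The matchers from the custom-admin-panel template, as Python data.
MATCHERS = [
    {"type": "status", "status": [200, 301, 302]},
    {"type": "word", "words": ["login", "admin", "dashboard"], "condition": "or"},
]


def match_one(matcher, status, body):
    """Evaluate a single status or word matcher against one response."""
    if matcher["type"] == "status":
        return status in matcher["status"]
    if matcher["type"] == "word":
        # Word matchers inspect the body and are case-sensitive by default.
        hits = [word in body for word in matcher["words"]]
        return all(hits) if matcher.get("condition", "or") == "and" else any(hits)
    raise ValueError(f"unsupported matcher type: {matcher['type']}")


def template_matches(matchers, status, body, matchers_condition="or"):
    """Combine matcher results; Nuclei defaults to OR between matchers."""
    results = [match_one(m, status, body) for m in matchers]
    return all(results) if matchers_condition == "and" else any(results)


# Constructed sample responses: (label, status code, body).
SAMPLES = [
    ("admin login page", 200, "<title>admin login</title>"),
    ("redirect to marketing site", 301, ""),
    ("custom 404 mentioning login", 404, "Not found. Return to login."),
    ("plain product page", 200, "<h1>Welcome</h1>"),
]


def findings(matchers_condition):
    """Return the labels of the samples that the template would flag."""
    return [label for label, status, body in SAMPLES
            if template_matches(MATCHERS, status, body, matchers_condition)]


if __name__ == "__main__":
    print("or :", findings("or"))
    print("and:", findings("and"))
```

With the default OR, all four samples are flagged, including the bare redirect and the 404 page. Requiring both matchers with `matchers-condition: and` leaves only the admin login page.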

Plugin management

  • Install — Place YAML templates in ~/.ravenscan/plugins/ or compiled plugins in ~/.ravenscan/plugins/bin/
  • List — ravenscan plugins list shows all loaded plugins with type, version and status
  • Enable/disable — Toggle plugins per scan with --plugins custom-admin-panel,my-auditor or --skip-plugins default-creds
  • Update — ravenscan plugins update fetches the latest community templates (opt-in)

Security

  • Compiled plugins run in a sandboxed process with restricted syscalls (seccomp)
  • YAML templates cannot execute arbitrary code — only HTTP requests with matchers
  • Plugin source verification via SHA-256 checksums
  • All plugin executions are logged with timing and results
