HawkScan

StackHawk provides dynamic application vulnerability scanning from development to production.

• ⚡ Dynamic Application Scanning: Use HawkScan to find and fix security bugs in your web apps, before you push to production. Think of it as security integration testing. Get started⁠ with your first scan in minutes.
• 🦸 Built for Modern Dev Teams: Automate scans with Docker commands, manage configs via YAML, and add app scanning as a build stage. We're built for dev teams that care about security and quality.
• 🧰 Vulnerability Management: Document for compliance. Prioritize and manage fixes with integrations to existing ticketing tools. Point in time assessments are a thing of the past - there is a better way.

Use the HawkScan command line tool to run application scans manually or through automation.

Getting Started

Running HawkScan requires a stackhawk.yml configuration⁠ in your project repo. Additional details on the YAML configuration can be found in the documentation linked below.

Once the stackhawk.yml configuration is in place, run the following command to scan your application:

docker run --rm -v $(pwd):/hawk:rw -it stackhawk/hawkscan

Documentation

Checkout the complete Hawkdocs documentation at docs.stackhawk.com⁠

Legal

StackHawk Terms of Service⁠