SARA Extensions are user developed SARA subprograms that will integrate easily into the SARA operational environment. The SARA architecure allows for the easy enabling/disabling of extensions. Extensions would be developed where the user wants specific testing of remote services that are not offered by SARA. Extensions have been a part of SARA Pro since Version 2.4.1. We are now offering the interface to SARA (starting with Version 2.1.6).
We provide a sample extension in bin/sample.sara.ext with copious comments that describe the steps required to build an extension. The sample extension contains code that performs a simple http vulnerability test. Once you have written the extension, you need to "tell" SARA when to execute it. An entry for our sample extension is in rules/todo. Lastly, you need to enable extension processing by setting to 1 the $enable_extensions variable in config/sara.cf and then running perl reconfig. Note that all SARA extensions should end in .ext
SATAN modules should work without difficulty if they are renamed to *.sara.ext and they contain the enabling logic. The same is true of SAINT modules as long as they don't pass the firewall or heavy+ flags through the command line. SARA passes these parameters through perl environment variables.
Yep. We ask that you submit your extension to the SARA list server at sara-l@mail-arc.com and request user testing and comments. Given a successful test, your extension will beicome a SARA subprogram in the next release. Of course you will get full credit for it. However, you will have to comply with the license.