Overview
This node integrates with the "Unauthor" tool, which is designed to detect unauthorized access to assets. It runs a command-line process that checks specified targets for unauthorized access using a selected type (currently only "Redis" is supported). The node processes input data representing asset hosts and ports, executes the Unauthor scan on them, and returns the results indicating whether unauthorized access was found.
Common scenarios where this node is beneficial include:
- Security teams automating scans for unauthorized Redis instances in their infrastructure.
- SOAR (Security Orchestration, Automation, and Response) workflows that need to identify potential security risks by detecting open or misconfigured services.
- Automated asset discovery and vulnerability assessment pipelines.
Practical example:
- Input a list of Redis server addresses; the node runs concurrent scans to check if any are accessible without proper authorization, returning success status and response details per target.
Properties
| Name | Meaning |
|---|---|
| Only Success | Boolean flag to filter output to only successful scan results (true/false). |
| Type | The type of service to scan. Currently supports only "Redis". |
| Options | A collection of command-line options to customize the scan: |
- --concurrent: Number of concurrent scans (default 20). |
|
- --timeout: Timeout in seconds for each scan (default 10s). |
|
| Advanced Config | Advanced configuration including environment variables, files to be used during execution, and file collection settings. |
| Debug Mode | Boolean flag to enable debug mode, which provides more detailed information in node input and output. |
Output
The node outputs an array of items corresponding to the input targets. Each item contains:
jsonfield with:- Original input host and port information.
response: An object containing the scan result for that target, parsed from JSON output of the Unauthor tool.success: A boolean indicating whether the scan detected unauthorized access successfully.
No binary data output is produced by this node.
Dependencies
- Requires the Unauthor CLI tool to be available and executable in the environment where n8n runs.
- No external API keys or credentials are directly required by the node itself.
- The node uses internal runner and proxy classes to execute the Unauthor command with provided parameters.
- Environment variables and additional files can be configured via the "Advanced Config" property to influence execution context.
Troubleshooting
Common issues:
- If the Unauthor CLI is not installed or not in the system PATH, the node will fail to run the command.
- Incorrect formatting of input host and port data may cause parsing errors or empty results.
- Setting invalid option values (e.g., non-numeric concurrency) might lead to command execution errors.
Error messages:
- Errors related to command execution failure usually indicate missing dependencies or incorrect command options.
- JSON parsing errors in output suggest unexpected or malformed output from the Unauthor tool.
Resolutions:
- Ensure the Unauthor CLI is properly installed and accessible.
- Validate input data format before running the node.
- Use debug mode to get detailed logs for troubleshooting.
Links and References
- Unauthor GitHub Repository — Official source and documentation for the Unauthor tool.