Skip to main content

How to run the HawkScan CLI on Ubuntu

How to set up the HawkScan CLI on Ubuntu (natively or on Windows / WSL)

AJ avatar
Written by AJ
Updated over 2 years ago

Description

Ubuntu users wishing to install the HawkScan CLI may do so conveniently with a combination of:

Procedure (Ubuntu)

The procedure below uses apt to install openjdk; various other methods could be used as well, so long as the end results are:

  • A full openjdk is installed (a JRE only is insufficient)

  • java -version returns the installed openjdk

  • java itself is in $PATH

  • hawk is in $PATH

--

Steps:

  1. Install openjdk with apt

    1. update apt: sudo apt update && sudo apt upgrade -y

    2. locate available openjdk versions: apt-cache search openjdk

    3. install latest openjdk version (e.g., 17): sudo apt-get install openjdk-17-jdk -y

      1. this will also add the openjdk to $PATH automatically

  2. sudo apt get install unzip (if unzip isn't installed)

  3. Install the ZIP file (2.6.0 example below; the zip file and directory name will change over time)

    1. curl -v https://download.stackhawk.com/hawk/cli/hawk-2.6.0.zip -o hawk-2.6.0.zip

    2. unzip hawk-2.6.0.zip

    3. Add hawk to $PATH:

      1. echo "export PATH=$HOME/hawk-2.6.0:$PATH" >> ~/.bash_profile

      2. source ~/.bash_profile

  4. Confirm that the hawk dir and java dir are in the echo $PATH output

  5. Run hawk version – should output a version (e.g., v2.6.0)

  6. Run hawk init

    1. Add API KEY

  7. Scan yer apps!!

--

Example command outputs when all elements are in place:

dan@DESKTOP:~$ java -version
openjdk version "17.0.4" 2022-07-19
OpenJDK Runtime Environment (build 17.0.4+8-Ubuntu-120.04)
OpenJDK 64-Bit Server VM (build 17.0.4+8-Ubuntu-120.04, mixed mode, sharing)

dan@DESKTOP:~$ which java
/bin/java

dan@DESKTOP:~$ echo $PATH
/home/dan/hawk-2.6.0:/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin

dan@DESKTOP:~$ hawk version
v2.6.0

Notes:

Procedure (Ubuntu on WSL on Windows)

Simply pre-pend the above procedure with the following step:

  1. Enable WSL and install Ubuntu

Other Windows notes:

  • If scanning a local application, Windows Firewall may intercept you when you first run hawk scan and require you to allow java to access the host endpoint

  • When manipulating configuration files, note that the underlying Windows filesystem may be accessible via the /mnt filesystem, allowing you to pull Windows files into the linux directories you're scanning from

    • for instance, you could copy yml files from your Documents folder into your Ubuntu user's home dir:

      • cp /mnt/c/Users/Dan/Documents/stackhawk.yml ~

Related Articles
HawkScan CLI unexpectedly requests Git password or token when running a scan
How to run the HawkScan CLI on Windows (Powershell)
Authenticating HawkScan to applications using token injection
'hawk.ps1 cannot be loaded' error when running the hawk command with PowerShell
Did this answer your question?