add words for custom spider in javaSpringVulny

Author: untra

README.md

@@ -140,4 +140,15 @@ docker run --tty --rm --network host --volume $(pwd):/hawk \
   --env APP_ID \
   --env AUTH_TOKEN \
   stackhawk/hawkscan stackhawk.d/stackhawk.yml stackhawk.d/stackhawk-auth-basic.yml
-```
+```
+
+### Example Specs
+
+By default HawkScan will run with the `stackhawk.yml` file if it's defined and present, but can instead use named specs such as `hawk scan stackhawk.yml`
+
+`stackhawk-openapi.yml` - scan with OpenAPI configuration
+`stackhawk-custom-spider.yml` scan with Custom Discovery using newman
+`stackhawk-auth-script-form-multi.yml` scripted authentication 
+`stackhawk-jsv-form-cookie.yml` scan with form authentication and cookie authorization
+`stackhawk-jsv-json-token` scan with JSON authentication and token authorization
+`stackhawk-ajax.yml` - scan with the ajax spider

stackhawk-custom-spider.yml

@@ -29,6 +29,9 @@ hawk:
     maxDurationMinutes: 5
     base: false
     custom:
-      command: newman run javaspringvulny_postman_collection.json --verbose --global-var baseUrl=${APP_HOST:https://localhost:9000} --ssl-extra-ca-certs $PROXY_CA_CERT 
-      environment:
-        NODE_TLS_REJECT_UNAUTHORIZED: 0
+      command: curl -x $HTTP_PROXY 
+      command: newman run javaspringvulny_postman_collection.json --verbose --global-var baseUrl=${APP_HOST:https://localhost:9000} --insecure
+      logOutputToForeground: true
+      credentials:
+        SHOULD_BE_REDACTED: 'my-secret-password'
+