owasp_zap 0.0.92 → 0.0.93
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +3 -2
- data/lib/owasp_zap/scanner.rb +30 -0
- data/lib/owasp_zap/version.rb +1 -1
- data/lib/owasp_zap.rb +5 -0
- data/spec/scanner_spec.rb +21 -0
- metadata +5 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 4c0be2d9be7723a3c4aec0b6852eb66327cfbac0
|
|
4
|
+
data.tar.gz: c6bde44fad6b0aaba6557efe2ae3380cc578ea4a
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: ccf28c761a1fb3248fe8c02c753400d3d469c5275bb52e17785fe24211ff1e2822462e28d822099bc7ba2cc507f6e3c232042932dec95a8bff3288facb8f7dc3
|
|
7
|
+
data.tar.gz: 1b4ef5d319cf28f10810a3dd2a70218dcd34bf81627c2a9d2344913026807b8874bc28a2495c181641cf92d8c2dc8ab6091d731cba966572104c30d318b19281
|
data/README.md
CHANGED
|
@@ -28,8 +28,9 @@ Or install it yourself as:
|
|
|
28
28
|
|
|
29
29
|
include OwaspZap
|
|
30
30
|
|
|
31
|
-
z = Zap.new :target=>'http://xxx.xxx.xxx' #create new Zap instance with default params
|
|
32
|
-
z = Zap.new :target=>'http://yyy.yyy.yyy', :zap=>"/usr/share/owasp-zap/zap.sh" #if you got my obs package
|
|
31
|
+
z = Zap.new :target=>'http://xxx.xxx.xxx' # create new Zap instance with default params
|
|
32
|
+
z = Zap.new :target=>'http://yyy.yyy.yyy', :zap=>"/usr/share/owasp-zap/zap.sh" # if you got my obs package
|
|
33
|
+
z = Zap.new :output=>'logfile.txt' # it will log the stdout log from Zap Proxy to a file
|
|
33
34
|
z.start # start interactive
|
|
34
35
|
# TODO
|
|
35
36
|
# document it further :)
|
|
@@ -0,0 +1,30 @@
|
|
|
1
|
+
module OwaspZap
|
|
2
|
+
# TODO
|
|
3
|
+
# maybe create a policy class as well
|
|
4
|
+
class Scanner
|
|
5
|
+
def initialize(params = {})
|
|
6
|
+
@base = params[:base]
|
|
7
|
+
end
|
|
8
|
+
|
|
9
|
+
def view(policy_id = 0)
|
|
10
|
+
# http://127.0.0.1:8080/JSON/ascan/view/scanners/?zapapiformat=JSON&policyId=0
|
|
11
|
+
url = Addressable::URI.parse("#{@base}/JSON/ascan/view/scanners/")
|
|
12
|
+
url.query_values = {:zapapiformat=>"JSON",:policyId=>policy_id}
|
|
13
|
+
RestClient::get url.normalize.to_str
|
|
14
|
+
end
|
|
15
|
+
|
|
16
|
+
def disable(policy_ids=[0])
|
|
17
|
+
# http://127.0.0.1:8080/JSON/ascan/action/disableScanners/?zapapiformat=JSON&ids=0
|
|
18
|
+
url = Addressable::URI.parse("#{@base}/JSON/ascan/action/disableScanners/")
|
|
19
|
+
url.query_values = {:zapapiformat=>"JSON",:ids=>policy_ids.join(',')}
|
|
20
|
+
RestClient::get url.normalize.to_str
|
|
21
|
+
end
|
|
22
|
+
|
|
23
|
+
def enable(policy_ids=[0])
|
|
24
|
+
# http://127.0.0.1:8080/JSON/ascan/action/enableScanners/?zapapiformat=JSON&ids=0
|
|
25
|
+
url = Addressable::URI.parse("#{@base}/JSON/ascan/action/enableScanners/")
|
|
26
|
+
url.query_values = {:zapapiformat=>"JSON",:ids=>policy_ids.join(',')}
|
|
27
|
+
RestClient::get url.normalize.to_str
|
|
28
|
+
end
|
|
29
|
+
end
|
|
30
|
+
end
|
data/lib/owasp_zap/version.rb
CHANGED
data/lib/owasp_zap.rb
CHANGED
|
@@ -11,6 +11,7 @@ require_relative "owasp_zap/spider"
|
|
|
11
11
|
require_relative "owasp_zap/attack"
|
|
12
12
|
require_relative "owasp_zap/alert"
|
|
13
13
|
require_relative "owasp_zap/auth"
|
|
14
|
+
require_relative "owasp_zap/scanner"
|
|
14
15
|
|
|
15
16
|
module OwaspZap
|
|
16
17
|
class ZapException < Exception;end
|
|
@@ -57,6 +58,10 @@ module OwaspZap
|
|
|
57
58
|
Zap::Alert.new(:base=>@base,:target=>@target)
|
|
58
59
|
end
|
|
59
60
|
|
|
61
|
+
def scanner
|
|
62
|
+
Zap::Scanner.new(:base=>@base)
|
|
63
|
+
end
|
|
64
|
+
|
|
60
65
|
#attack
|
|
61
66
|
def ascan
|
|
62
67
|
Zap::Attack.new(:base=>@base,:target=>@target)
|
|
@@ -0,0 +1,21 @@
|
|
|
1
|
+
require 'helper'
|
|
2
|
+
|
|
3
|
+
describe OwaspZap::Alert do
|
|
4
|
+
before do
|
|
5
|
+
@scanner = OwaspZap::Scanner.new :base=>"http://127.0.0.1:8080"
|
|
6
|
+
end
|
|
7
|
+
it "should not be_nil" do
|
|
8
|
+
refute @scanner.nil?
|
|
9
|
+
end
|
|
10
|
+
it "should respond_to view" do
|
|
11
|
+
@scanner.must_respond_to :view
|
|
12
|
+
end
|
|
13
|
+
it "enable should return true" do
|
|
14
|
+
stub_request(:get, "http://127.0.0.1:8080/JSON/ascan/action/enableScanners/?ids=0,1&zapapiformat=JSON").to_return(:status => 200, :body => "{\"Result\":\"OK\"}" , :headers => {})
|
|
15
|
+
@scanner.enable([0,1]).wont_be_nil
|
|
16
|
+
end
|
|
17
|
+
it "disable should return true" do
|
|
18
|
+
stub_request(:get, "http://127.0.0.1:8080/JSON/ascan/action/disableScanners/?ids=0,1&zapapiformat=JSON").to_return(:status => 200, :body => "{\"Result\":\"OK\"}" , :headers => {})
|
|
19
|
+
@scanner.disable([0,1]).wont_be_nil
|
|
20
|
+
end
|
|
21
|
+
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: owasp_zap
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0.
|
|
4
|
+
version: 0.0.93
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Victor Pereira
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2014-08-
|
|
11
|
+
date: 2014-08-07 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|
|
@@ -126,6 +126,7 @@ files:
|
|
|
126
126
|
- lib/owasp_zap/attack.rb
|
|
127
127
|
- lib/owasp_zap/auth.rb
|
|
128
128
|
- lib/owasp_zap/error.rb
|
|
129
|
+
- lib/owasp_zap/scanner.rb
|
|
129
130
|
- lib/owasp_zap/spider.rb
|
|
130
131
|
- lib/owasp_zap/string_extension.rb
|
|
131
132
|
- lib/owasp_zap/version.rb
|
|
@@ -133,6 +134,7 @@ files:
|
|
|
133
134
|
- spec/alert_spec.rb
|
|
134
135
|
- spec/auth_spec.rb
|
|
135
136
|
- spec/helper.rb
|
|
137
|
+
- spec/scanner_spec.rb
|
|
136
138
|
- spec/zap_spec.rb
|
|
137
139
|
homepage: ''
|
|
138
140
|
licenses:
|
|
@@ -162,4 +164,5 @@ test_files:
|
|
|
162
164
|
- spec/alert_spec.rb
|
|
163
165
|
- spec/auth_spec.rb
|
|
164
166
|
- spec/helper.rb
|
|
167
|
+
- spec/scanner_spec.rb
|
|
165
168
|
- spec/zap_spec.rb
|