zapr 0.1.0 → 0.1.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 2e1ae8dc8b0819cefc7cd6d1e6103f1708b09169
-  data.tar.gz: 8d4cac8901d6b6acba724d966841ed8f1de23dff
+  metadata.gz: 92f45a3d03cd3a44bc991bdc30055ecb6cc9365c
+  data.tar.gz: ca6fad5edb2c94446ed5a7b1b2d2141a92ffefd9
 SHA512:
-  metadata.gz: 110521941858eb5de9703e585cd08c2774ee97ea1687a08212c5a2ca7159ee0f6567ada937f4bd4e9209910f061b64895a21c6ff824fa745607bd2a79277410d
-  data.tar.gz: 51db8e7b0a3abc1332a6e6cc31ad473416dcad2c863afdedcfb56866325ff7facb64020a13a8c4fb1d3926fa35ac1ffff5230a3186b925cbfc5f16895142d650
+  metadata.gz: 10707bf88999c4a791042fdfcb358c47b0f403229e78f4734af5fd8350bf105245e81ec2715a73e913bf811298c60b4af04fcabf43d00c6c634507be2a3b6467
+  data.tar.gz: 183d436e5503bf76e060f9b46ea465bc0fd77235fd283318a340799afac87f2ec148d7bb16ac8d95faeff5c27ad35dd28a93313d8c8c8fa20ecb9383ea5ea756

data/README.md

@@ -1,3 +1,10 @@
+[![Dependency
+Status](https://gemnasium.com/garethr/zapr.svg)](https://gemnasium.com/garethr/zapr)
+[![Gem
+Version](https://badge.fury.io/rb/zapr.svg)](http://badge.fury.io/rb/zapr)
+[![Code
+Climate](https://codeclimate.com/github/garethr/zapr.png)](https://codeclimate.com/github/garethr/zapr)
+
 # Zapr
 
 A command line tool that:
@@ -47,6 +54,12 @@ Options:
     -h, --help                    print help
 ```
 
+## Example
+
+An example of Zapr running on
+[Travis](https://travis-ci.org/garethr/zapr-example) against
+[Railsgoat](https://github.com/OWASP/railsgoat) can be found at
+[garethr/zapr-example](https://github.com/garethr/zapr-example).
 
 
 ## Installation

data/lib/zapr.rb

@@ -20,6 +20,7 @@ module Zapr
     parameter "TARGET", "Web address to scan and attack with ZAP", :attribute_name => :target
 
     def execute
+      signal_usage_error "Path to ZAP must be set" unless zap_path
       signal_usage_error "Path to ZAP does not exist" unless File.file?(zap_path)
       signal_usage_error "Invalid target URL" unless target =~ /\A#{URI::regexp(['http', 'https'])}\z/
       begin
@@ -27,16 +28,22 @@ module Zapr
         debug? ? zap.start : dev_null { zap.start }
         zap.spider
         zap.attack
-        puts summary? ? zap.summary : zap.alerts
+        puts summary? ? zap.summary : zap.pretty_alerts
       rescue Timeout::Error
         puts "=====> Timeout".red
         puts "the execution of the spider or scan took too long"
+        exit 124
       rescue Exception => e
         puts "=====> An error occured".red
         puts e.message
+        puts e.backtrace.join("\n")
+        exit 125
       ensure
         zap.shutdown if defined? zap
       end
+      puts "code is"
+      puts zap.exit_code
+      exit zap.exit_code
     end
 
   end

data/lib/zapr/version.rb

@@ -1,3 +1,3 @@
 module Zapr
-  VERSION = "0.1.0"
+  VERSION = "0.1.1"
 end

data/lib/zapr/zap.rb

@@ -40,13 +40,24 @@ module Zapr
       @proxy.shutdown
     end
 
-    def alerts
-      JSON.pretty_generate(JSON.parse(@proxy.alerts.view))
+    def pretty_alerts
+      JSON.pretty_generate(alerts)
     end
 
-    def summary
+    def alerts
       alerts = JSON.parse(@proxy.alerts.view)['alerts']
       alerts.sort_by! { |item| item["risk"] }
+    end
+
+    def exit_code
+      high = 0
+      alerts.each do |alert|
+        high += 1 if alert['risk'] == 'High'
+      end
+      return high
+    end
+
+    def summary
       sorted = alerts.group_by { |item| item["alert"] }
       Terminal::Table.new :headings => ['Alert', 'Risk', 'URL'] do |t|
         sorted.each_with_index do |(alert_name, grouped_alerts), index|

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: zapr
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 0.1.1
 platform: ruby
 authors:
 - Gareth Rushgrove
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-06-01 00:00:00.000000000 Z
+date: 2014-06-16 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler