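def single(target_url, json_output, debug, rule_file, merge, junit):
    """
    Scan a single http(s) endpoint with drheader.

    NOTE: URL parameters are currently only supported on bulk scans.
    """
    # The docstring above is kept as written: if this function is registered
    # as a click command (decorators are not visible here), click shows it as
    # the --help text, so it is user-facing output rather than a comment.
    #
    # Parameters, as used below:
    #   target_url  - endpoint to scan; must pass validators.url().
    #   json_output - truthy: print the report as JSON instead of tables.
    #   debug       - truthy: enable DEBUG logging and surface the original
    #                 exception text instead of a generic message.
    #   rule_file   - passed to load_rules() together with `merge`.
    #   junit       - truthy: also hand the report to file_junit_report().
    if debug:
        logging.basicConfig(level=logging.DEBUG)

    logging.debug('Validating: {}'.format(target_url))
    if not validators.url(target_url):
        raise click.ClickException(
            message='"{}" is not a valid URL.'.format(target_url))

    rules = load_rules(rule_file, merge)

    try:
        logging.debug('Querying headers...')
        drheader_instance = Drheader(url=target_url)
    except Exception as e:
        # ClickException stores its argument as the message and returns it
        # from __str__, so it must be given text, not the exception object.
        if debug:
            raise click.ClickException(str(e))
        # Outside debug mode the cause is deliberately reduced to a generic
        # message.
        raise click.ClickException('Failed to get headers.')

    try:
        logging.debug('Analyzing headers...')
        drheader_instance.analyze(rules)
    except Exception as e:
        if debug:
            raise click.ClickException(str(e))
        raise click.ClickException('Failed to analyze headers.')

    findings = drheader_instance.report
    if json_output:
        click.echo(json.dumps(findings))
    else:
        click.echo()
        if not findings:
            click.echo('No issues found!')
        else:
            click.echo('{0} issues found'.format(len(findings)))
            for finding in findings:
                # One two-column table (key, value) per finding.
                rows = [[key, value] for key, value in finding.items()]
                click.echo('----')
                click.echo(tabulate(rows, tablefmt="presto"))

    if junit:
        file_junit_report(rules, findings)

    # The return value is 0 whether or not findings were reported, so a
    # caller cannot tell a clean scan from a failing one by this value alone.
    return 0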
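def setUp(self):
    """Load the rule and report fixtures, generate the JUnit file, read it back.

    Sets self.rules (the 'Headers' section of the default rules), self.report
    (the example report) and self.xml (the text of reports/junit.xml).
    """
    fixtures_dir = os.path.dirname(__file__)

    # The `with` blocks close each file on exit, so no explicit close() is
    # needed. safe_load restricts the YAML fixture to plain data types.
    with open(os.path.join(fixtures_dir, 'testfiles/default_rules.yml'),
              'r') as f:
        self.rules = yaml.safe_load(f.read())['Headers']

    with open(os.path.join(fixtures_dir, 'testfiles/example_report.json'),
              'r') as f:
        self.report = json.loads(f.read())

    file_junit_report(self.rules, self.report)

    # Unlike the fixtures, this path is relative to the current working
    # directory. Presumably file_junit_report() writes it there; confirm.
    with open('reports/junit.xml', 'r') as f:
        self.xml = f.read()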
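def single(ctx, target_url, json_output, debug, rule_file, rule_uri, merge,
           junit):
    """
    Scan a single http(s) endpoint with drheader.

    NOTE: URL parameters are currently only supported on bulk scans.
    """
    # The docstring above is kept as written: if this function is registered
    # as a click command (decorators are not visible here), click shows it as
    # the --help text, so it is user-facing output rather than a comment.
    #
    # Parameters, as used below:
    #   ctx         - click context; ctx.obj['verify'] is forwarded to Drheader.
    #   target_url  - endpoint to scan; must pass validators.url().
    #   json_output - truthy: print the report as JSON instead of tables.
    #   debug       - truthy: enable DEBUG logging and surface the original
    #                 exception text instead of a generic message.
    #   rule_file   - passed to load_rules() together with `merge`.
    #   rule_uri    - used only when no rule_file is given (see below).
    #   junit       - truthy: also hand the report to file_junit_report().
    #
    # The process exits with EXIT_CODE_FAILURE when the report is non-empty
    # and EXIT_CODE_NO_ERROR otherwise.
    exit_code = EXIT_CODE_NO_ERROR

    if debug:
        logging.basicConfig(level=logging.DEBUG)

    logging.debug('Validating: {}'.format(target_url))
    if not validators.url(target_url):
        raise click.ClickException(
            message='"{}" is not a valid URL.'.format(target_url))

    # A local rule file takes precedence: rule_uri is ignored, and not even
    # validated, when rule_file is set.
    if rule_uri and not rule_file:
        if not validators.url(rule_uri):
            raise click.ClickException(
                message='"{}" is not a valid URL.'.format(rule_uri))
        try:
            # NOTE(review): the downloaded rules decide which headers pass the
            # audit. How get_rules_from_uri() fetches and checks the content
            # is not visible here; confirm it verifies TLS and that the URI
            # points at a source you control.
            rule_file = get_rules_from_uri(rule_uri)
        except Exception as e:
            # ClickException stores its argument as the message and returns it
            # from __str__, so it must be given text, not the exception object.
            if debug:
                raise click.ClickException(str(e))
            raise click.ClickException(
                'No content retrieved from rules-uri.')

    rules = load_rules(rule_file, merge)

    try:
        logging.debug('Querying headers...')
        # NOTE(review): presumably `verify` controls TLS certificate
        # verification for the request Drheader makes; confirm in Drheader.
        drheader_instance = Drheader(url=target_url, verify=ctx.obj['verify'])
    except Exception as e:
        if debug:
            raise click.ClickException(str(e))
        # Outside debug mode the cause is deliberately reduced to a generic
        # message.
        raise click.ClickException('Failed to get headers.')

    try:
        logging.debug('Analyzing headers...')
        drheader_instance.analyze(rules)
    except Exception as e:
        if debug:
            raise click.ClickException(str(e))
        raise click.ClickException('Failed to analyze headers.')

    findings = drheader_instance.report
    if findings:
        # Any finding turns the run into a failure, so CI can gate on it.
        exit_code = EXIT_CODE_FAILURE

    if json_output:
        click.echo(json.dumps(findings))
    else:
        click.echo()
        if not findings:
            click.echo('No issues found!')
        else:
            click.echo('{0} issues found'.format(len(findings)))
            for finding in findings:
                # One two-column table (key, value) per finding.
                rows = [[key, value] for key, value in finding.items()]
                click.echo('----')
                click.echo(tabulate(rows, tablefmt="presto"))

    if junit:
        file_junit_report(rules, findings)

    sys.exit(exit_code)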