 def _wait_for_passive_scan(self):
     """Block until ZAP's passive-scan queue drains to the configured threshold.

     Reads two optional config keys:
       * ``passive_scan_wait_threshold`` (default 0) — queue size at or below
         which the passive scan is considered finished.
       * ``passive_scan_wait_limit`` (default None) — forwarded unchanged as
         the ``limit`` kwarg of ``status.wait_for_completion`` (its meaning,
         presumably a time or iteration cap, is defined there).
     """
     threshold = self.config.get("passive_scan_wait_threshold", 0)
     wait_limit = self.config.get("passive_scan_wait_limit", None)

     def queue_size():
         # ZAP reports the pending record count as a string; normalise to int.
         return int(self._zap_api.pscan.records_to_scan)

     status.wait_for_completion(
         lambda: queue_size() > threshold,
         queue_size,
         "Passive scan queue: %d items",
         limit=wait_limit)
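 def _active_scan(self):
     """Run a ZAP active scan against the configured target and wait for it.

     When an ``auth_script`` is configured the scan runs through
     ``ascan.scan_as_user`` with the prepared ``self._zap_context`` /
     ``self._zap_user``; otherwise an unauthenticated ``ascan.scan`` is
     started. Both use the policy named by ``self._scan_policy_name``.

     ZAP returns a numeric scan ID on success and an error string (e.g. when
     the target is unreachable from the scanner) otherwise. A non-numeric ID
     is logged as a warning and the method returns without waiting, so that
     the later ``int(ascan.status(...))`` polling never raises on a bogus ID.
     """
     # The target is taken from config as-is; an active scan is intrusive, so
     # whatever this resolves to must be in scope for testing.
     target = self.config.get("target")
     log.info("Active scan against target %s", target)
     if self.config.get("auth_script", None):
         scan_id = self._zap_api.ascan.scan_as_user(
             target,
             self._zap_context,
             self._zap_user,
             recurse=True,
             scanpolicyname=self._scan_policy_name)
     else:
         scan_id = self._zap_api.ascan.scan(
             target,
             scanpolicyname=self._scan_policy_name)
     #
     # Only ValueError/TypeError mean "not a scan ID". The previous bare
     # `except:` also swallowed KeyboardInterrupt/SystemExit and any other
     # unexpected failure, masking real problems as a benign warning.
     try:
         int(scan_id)
     except (ValueError, TypeError):
         log.warning(
             "ZAP failed to return scan ID (scan_id=%s). Please check that target URL is accessible from Carrier DAST container",
             scan_id)  # pylint: disable=C0301
         return
     #
     status.wait_for_completion(
         lambda: int(self._zap_api.ascan.status(scan_id)) < 100,
         lambda: int(self._zap_api.ascan.status(scan_id)),
         "Active scan progress: %d%%")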
 def _ajax_spider(self):
     """Crawl the target with ZAP's AJAX spider and wait until it stops running.

     With an ``auth_script`` configured the crawl runs as the ZAP user
     "dusty_user" inside ``self._zap_context_name``, restricted to the
     target's subtree; otherwise an unauthenticated crawl is started.
     Progress is reported as the number of URLs found so far.
     """
     target = self.config.get("target")
     log.info("Ajax spidering target: %s", target)
     authenticated = bool(self.config.get("auth_script", None))
     if authenticated:
         # NOTE(review): the user name is hard-coded here while the other
         # scanners pass self._zap_user; presumably the ajaxSpider endpoint
         # takes a context *name* and user *name* rather than IDs, so confirm
         # "dusty_user" is the user actually created for this context.
         self._zap_api.ajaxSpider.scan_as_user(self._zap_context_name,
                                               "dusty_user",
                                               target,
                                               subtreeonly=True)
     else:
         self._zap_api.ajaxSpider.scan(target)

     def still_running():
         return self._zap_api.ajaxSpider.status == 'running'

     def urls_found():
         return int(self._zap_api.ajaxSpider.number_of_results)

     status.wait_for_completion(still_running, urls_found, "Ajax spider found: %d URLs")
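 def _spider(self):
     """Crawl the target with ZAP's traditional spider and wait for completion.

     With an ``auth_script`` configured the crawl runs through
     ``spider.scan_as_user`` with ``self._zap_context`` / ``self._zap_user``
     (recursive, subtree only); otherwise an unauthenticated ``spider.scan``
     is started.

     ZAP returns a numeric scan ID on success and an error string otherwise.
     Without a check, a non-numeric ID only surfaced as an opaque ValueError
     from ``int(spider.status(...))`` inside the polling loop; it is now
     logged as a warning and the method returns without waiting.
     """
     target = self.config.get("target")
     log.info("Spidering target: %s", target)
     if self.config.get("auth_script", None):
         scan_id = self._zap_api.spider.scan_as_user(
             self._zap_context, self._zap_user, target,
             recurse=True, subtreeonly=True
         )
     else:
         scan_id = self._zap_api.spider.scan(target)
     #
     # Only ValueError/TypeError mean "not a scan ID"; anything else is a
     # real failure and must propagate.
     try:
         int(scan_id)
     except (ValueError, TypeError):
         log.warning(
             "ZAP failed to return scan ID (scan_id=%s). Please check that target URL is accessible from Carrier DAST container",
             scan_id)  # pylint: disable=C0301
         return
     #
     status.wait_for_completion(
         lambda: int(self._zap_api.spider.status(scan_id)) < 100,
         lambda: int(self._zap_api.spider.status(scan_id)),
         "Spidering progress: %d%%"
     )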
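 def _active_scan(self):
     """Run a ZAP active scan against the configured target and wait for it.

     When an ``auth_script`` is configured the scan runs through
     ``ascan.scan_as_user`` with ``self._zap_context`` / ``self._zap_user``;
     otherwise an unauthenticated ``ascan.scan`` is started. Both use the
     policy named by ``self._scan_policy_name``.

     ZAP returns a numeric scan ID on success and an error string otherwise
     (e.g. target unreachable from the scanner). Without a check, a
     non-numeric ID only surfaced as an opaque ValueError from
     ``int(ascan.status(...))`` inside the polling loop; it is now logged as
     a warning and the method returns without waiting.
     """
     # The target is taken from config as-is; an active scan is intrusive, so
     # whatever this resolves to must be in scope for testing.
     target = self.config.get("target")
     log.info("Active scan against target %s", target)
     if self.config.get("auth_script", None):
         scan_id = self._zap_api.ascan.scan_as_user(
             target, self._zap_context, self._zap_user, recurse=True,
             scanpolicyname=self._scan_policy_name
         )
     else:
         scan_id = self._zap_api.ascan.scan(
             target,
             scanpolicyname=self._scan_policy_name
         )
     #
     # Only ValueError/TypeError mean "not a scan ID"; anything else is a
     # real failure and must propagate.
     try:
         int(scan_id)
     except (ValueError, TypeError):
         log.warning(
             "ZAP failed to return scan ID (scan_id=%s). Please check that target URL is accessible from Carrier DAST container",
             scan_id)  # pylint: disable=C0301
         return
     #
     status.wait_for_completion(
         lambda: int(self._zap_api.ascan.status(scan_id)) < 100,
         lambda: int(self._zap_api.ascan.status(scan_id)),
         "Active scan progress: %d%%"
     )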
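 def _spider(self):
     """Crawl the target with ZAP's traditional spider and wait for completion.

     With an ``auth_script`` configured the crawl runs through
     ``spider.scan_as_user`` with ``self._zap_context`` / ``self._zap_user``
     (recursive, subtree only); otherwise an unauthenticated ``spider.scan``
     is started.

     ZAP returns a numeric scan ID on success and an error string otherwise
     (e.g. target unreachable from the scanner). A non-numeric ID is logged
     as a warning and the method returns without waiting, so the later
     ``int(spider.status(...))`` polling never raises on a bogus ID.
     """
     target = self.config.get("target")
     log.info("Spidering target: %s", target)
     if self.config.get("auth_script", None):
         scan_id = self._zap_api.spider.scan_as_user(
             self._zap_context,
             self._zap_user,
             target,
             recurse=True,
             subtreeonly=True)
     else:
         scan_id = self._zap_api.spider.scan(target)
     #
     # Only ValueError/TypeError mean "not a scan ID". The previous bare
     # `except:` also swallowed KeyboardInterrupt/SystemExit and any other
     # unexpected failure, masking real problems as a benign warning.
     try:
         int(scan_id)
     except (ValueError, TypeError):
         log.warning(
             "ZAP failed to return scan ID (scan_id=%s). Please check that target URL is accessible from Carrier DAST container",
             scan_id)  # pylint: disable=C0301
         return
     #
     status.wait_for_completion(
         lambda: int(self._zap_api.spider.status(scan_id)) < 100,
         lambda: int(self._zap_api.spider.status(scan_id)),
         "Spidering progress: %d%%")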
 def _wait_for_passive_scan(self):
     """Block until ZAP's passive-scan queue is completely empty.

     Polls ``pscan.records_to_scan`` through ``status.wait_for_completion``
     with no upper bound on the wait; the progress line reports the number
     of records still queued.
     """
     def pending_records():
         # ZAP reports the pending record count as a string; normalise to int.
         return int(self._zap_api.pscan.records_to_scan)

     def queue_not_empty():
         return pending_records() > 0

     status.wait_for_completion(
         queue_not_empty,
         pending_records,
         "Passive scan queue: %d items"
     )