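def main(argv):
    """Parse the command line and hand the target URL to clean_zap_session.

    Options (getopt string ``t:c:g:dh``):
        -t URL   target URL; normalized with normalize_input_url
        -c PATH  config file holding user-defined rules for tagging results
        -g PATH  write a config template to PATH, then exit
        -d       switch the root logger to DEBUG
        -h       print usage, then exit

    Exits with StatusCode.other on an invalid option and with
    StatusCode.success after -h or -g.
    """
    config_read = None
    config_write = None
    target_url = None

    try:
        opts, args = getopt.getopt(argv, "t:c:g:dh")
    except getopt.GetoptError as err:
        # Say which option was rejected; usage() alone does not tell the
        # operator what was wrong with the invocation.
        logging.error("Invalid command line: %s", err)
        usage()
        sys.exit(StatusCode.other)

    for opt, arg in opts:
        if opt == '-t':
            target_url = arg
        elif opt == '-c':
            config_read = arg
        elif opt == '-g':
            config_write = arg
        elif opt == '-d':
            logging.getLogger().setLevel(logging.DEBUG)
        elif opt == '-h':
            usage()
            sys.exit(StatusCode.success)

    # A URL typed without -t ends up here and would otherwise be dropped
    # silently, leaving target_url unset.
    if args:
        logging.warning("Ignoring unexpected positional arguments: %s", args)

    # Init
    zap = shared.init_zap()

    # Only want to generate the config template?
    if config_write is not None:
        shared.write_config_file(config_write, zap)
        sys.exit(StatusCode.success)

    # Read user-defined rules for tagging scan results
    config_dict = (
        shared.read_config_file(config_read) if config_read is not None else {}
    )

    # Setup session context + auth
    # NOTE(review): target_url is still None when -t was omitted, and
    # normalize_input_url / clean_zap_session are not visible here. Confirm
    # they reject None rather than operating on an unscoped session.
    target_url = normalize_input_url(target_url)
    clean_zap_session(zap, target_url, config_dict)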
Пример #2
def main(argv):
    """Entry point: parse options, then pass the target to clean_zap_session.

    Recognised options are -t (target URL), -c (config file to read),
    -g (write a config template and exit), -d (DEBUG logging) and
    -h (usage). An invalid option exits with StatusCode.other; -h and -g
    exit with StatusCode.success.
    """
    try:
        parsed_opts, _ = getopt.getopt(argv, "t:c:g:dh")
    except getopt.GetoptError:
        usage()
        sys.exit(StatusCode.other)

    # Options that carry a value; the last occurrence wins.
    values = {'-t': None, '-c': None, '-g': None}
    for flag, value in parsed_opts:
        if flag in values:
            values[flag] = value
        elif flag == '-d':
            logging.getLogger().setLevel(logging.DEBUG)
        elif flag == '-h':
            usage()
            sys.exit(StatusCode.success)

    zap = shared.init_zap()

    # Template generation is a standalone mode: write it and stop.
    template_path = values['-g']
    if template_path is not None:
        shared.write_config_file(template_path, zap)
        sys.exit(StatusCode.success)

    # User-defined rules for tagging scan results (empty when -c is absent).
    rules_path = values['-c']
    if rules_path is None:
        config_dict = {}
    else:
        config_dict = shared.read_config_file(rules_path)

    # Session context + auth setup.
    # NOTE(review): the target is None when -t is omitted. Confirm that
    # normalize_input_url handles that case.
    normalized_target = normalize_input_url(values['-t'])
    clean_zap_session(zap, normalized_target, config_dict)
Пример #3
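def main(argv):
    """Run spider, passive and active ZAP scans, then report the results.

    Options (getopt string ``x:c:g:rdh``):
        -x ARG   context targets, passed to setup_zap_session_context
        -c PATH  config file holding user-defined rules for tagging results
        -g PATH  write a config template to PATH, then exit
        -r       also pass the HTML report to create_jira_report
        -d       switch the root logger to DEBUG
        -h       print usage, then exit

    Exit status: StatusCode.other for an invalid option or when ZAP holds no
    URLs, StatusCode.success after -h or -g, otherwise the status code
    returned by report_results.
    """
    config_read = None
    config_write = None
    report_jira = False
    ctx_targets = None

    try:
        opts, args = getopt.getopt(argv, "x:c:g:rdh")
    except getopt.GetoptError as err:
        # Say which option was rejected; usage() alone does not tell the
        # operator what was wrong with the invocation.
        logging.error("Invalid command line: %s", err)
        usage()
        sys.exit(StatusCode.other)

    for opt, arg in opts:
        if opt == '-x':
            ctx_targets = arg
        elif opt == '-c':
            config_read = arg
        elif opt == '-g':
            config_write = arg
        elif opt == '-d':
            logging.getLogger().setLevel(logging.DEBUG)
        elif opt == '-r':
            report_jira = True
        elif opt == '-h':
            usage()
            sys.exit(StatusCode.success)

    # Targets typed without -x end up here and would otherwise be dropped
    # silently, leaving the scan without an explicit context target.
    if args:
        logging.warning("Ignoring unexpected positional arguments: %s", args)

    # Init
    zap = shared.init_zap()

    # Only want to generate the config template?
    if config_write is not None:
        shared.write_config_file(config_write, zap)
        sys.exit(StatusCode.success)

    # Read user-defined rules for tagging scan results
    config_dict = (
        shared.read_config_file(config_read) if config_read is not None else {}
    )

    # Scanning contexts, + auth setup
    # NOTE(review): ctx_targets is None when -x is omitted, yet the context
    # is still created and the active scan below still runs. Confirm that
    # setup_zap_session_context limits the scope to intended hosts then.
    ctx_id, ctx_name = setup_zap_session_context(zap, ctx_targets)
    user_id = setup_new_user(zap, ctx_id)

    # Spider - crawl links on pages already seen through the proxy; skipped
    # without explicit targets, where only the recorded traffic is used.
    if ctx_targets is not None:
        spider(zap, config.max_duration, ctx_id, ctx_name, user_id)

    # Passive scan (wait to finish)
    passive_scan(zap)

    # Active scan all domains
    active_scan_all(zap, config.max_duration, ctx_id, user_id)

    # NOTE(review): zap.core.urls is read as an attribute. In client
    # versions where it is a method, len() would raise TypeError. Confirm
    # against the pinned ZAP client version.
    if len(zap.core.urls) == 0:
        logging.warning('No URLs found - is the target accessible?')
        sys.exit(StatusCode.other)

    status_code, report_string = report_results(zap, config_dict)
    if report_jira:
        create_jira_report(
            zap.core.htmlreport(),
            status_code == StatusCode.fail,
            report_string,
        )
    sys.exit(status_code)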
Пример #4
def main(argv):
    """Entry point: scan through ZAP and exit with the reported status.

    Recognised options are -x (context targets), -c (config file to read),
    -g (write a config template and exit), -r (also create a Jira report),
    -d (DEBUG logging) and -h (usage). An invalid option or an empty URL
    list exits with StatusCode.other; -h and -g exit with
    StatusCode.success; otherwise the status from report_results is used.
    """
    try:
        parsed_opts, _ = getopt.getopt(argv, "x:c:g:rdh")
    except getopt.GetoptError:
        usage()
        sys.exit(StatusCode.other)

    # Options that carry a value; the last occurrence wins.
    values = {'-x': None, '-c': None, '-g': None}
    report_jira = False
    for flag, value in parsed_opts:
        if flag in values:
            values[flag] = value
        elif flag == '-d':
            logging.getLogger().setLevel(logging.DEBUG)
        elif flag == '-r':
            report_jira = True
        elif flag == '-h':
            usage()
            sys.exit(StatusCode.success)
    ctx_targets = values['-x']

    zap = shared.init_zap()

    # Template generation is a standalone mode: write it and stop.
    template_path = values['-g']
    if template_path is not None:
        shared.write_config_file(template_path, zap)
        sys.exit(StatusCode.success)

    # User-defined rules for tagging scan results (empty when -c is absent).
    rules_path = values['-c']
    if rules_path is None:
        config_dict = {}
    else:
        config_dict = shared.read_config_file(rules_path)

    # Scan context and the user the scans run as.
    # NOTE(review): the context is created even when -x was not given
    # (ctx_targets is None). Verify what scope the active scan gets then.
    ctx_id, ctx_name = setup_zap_session_context(zap, ctx_targets)
    user_id = setup_new_user(zap, ctx_id)

    # Crawl only when explicit targets exist; otherwise rely on the traffic
    # already recorded by the proxy.
    if ctx_targets is not None:
        spider(zap, config.max_duration, ctx_id, ctx_name, user_id)

    # The passive scan has to finish before the active scan starts.
    passive_scan(zap)
    active_scan_all(zap, config.max_duration, ctx_id, user_id)

    # Nothing recorded means there is nothing to report on.
    if len(zap.core.urls) == 0:
        logging.warning('No URLs found - is the target accessible?')
        sys.exit(StatusCode.other)

    status_code, report_string = report_results(zap, config_dict)
    if report_jira:
        html_report = zap.core.htmlreport()
        scan_failed = status_code == StatusCode.fail
        create_jira_report(html_report, scan_failed, report_string)
    sys.exit(status_code)