def test_scan_list(self):
httpretty.register_uri(httpretty.GET, self.get_url("/"), body=INDEX_RESPONSE, content_type="application/json")
httpretty.register_uri(
httpretty.GET, self.get_url("/version"), body=VERSION_RESPONSE, content_type="application/json"
)
httpretty.register_uri(
httpretty.GET, self.get_url("/scans/"), body=SCAN_LIST_RESPONSE, content_type="application/json"
)
httpretty.register_uri(
httpretty.DELETE, self.get_url("/scans/1"), body=SCAN_LIST_RESPONSE, content_type="application/json"
)
httpretty.register_uri(
httpretty.GET, self.get_url("/scans/0/stop"), body=SCAN_LIST_RESPONSE, content_type="application/json"
)
conn = Connection(self.api_url)
scans = conn.get_scans()
running_scan = scans[0]
stopped_scan = scans[1]
running_scan.stop()
self.assertEqual(httpretty.last_request().path, "/scans/0/stop")
stopped_scan.cleanup()
self.assertEqual(httpretty.last_request().path, "/scans/1")
self.assertEqual(httpretty.last_request().method, "DELETE")
def get_server_status(self, server):
try:
conn = Connection(server.host)
#add auth
scan = Scan(conn)
scan.scan_id = conn.get_scans()[0].scan_id
scan.running = conn.get_scans()[0].status
except:
scan = None
return scan
def test_scan_list(self):
httpretty.register_uri(httpretty.GET,
self.get_url('/'),
body=INDEX_RESPONSE,
content_type='application/json')
httpretty.register_uri(httpretty.GET,
self.get_url('/version'),
body=VERSION_RESPONSE,
content_type='application/json')
httpretty.register_uri(httpretty.GET,
self.get_url('/scans/'),
body=SCAN_LIST_RESPONSE,
content_type='application/json')
conn = Connection(self.api_url)
scans = conn.get_scans()
self.assertEqual([s.status for s in scans], ['Running', 'Stopped'])
self.assertEqual([s.scan_id for s in scans], [0, 1])
def test_scan_list(self):
responses.add(responses.GET,
self.get_url('/'),
body=INDEX_RESPONSE,
content_type='application/json')
responses.add(responses.GET,
self.get_url('/version'),
body=VERSION_RESPONSE,
content_type='application/json')
responses.add(responses.GET,
self.get_url('/scans/'),
body=SCAN_LIST_RESPONSE,
content_type='application/json')
responses.add(responses.DELETE,
self.get_url('/scans/1'),
body=SCAN_LIST_RESPONSE,
content_type='application/json')
responses.add(responses.GET,
self.get_url('/scans/0/stop'),
body=SCAN_LIST_RESPONSE,
content_type='application/json')
conn = Connection(self.api_url)
scans = conn.get_scans()
running_scan = scans[0]
stopped_scan = scans[1]
running_scan.stop()
self.assertEqual(responses.calls[-1].request.path_url, '/scans/0/stop')
stopped_scan.cleanup()
self.assertEqual(responses.calls[-1].request.path_url, '/scans/1')
self.assertEqual(responses.calls[-1].request.method, 'DELETE')
def test_scan_list(self):
httpretty.register_uri(httpretty.GET,
self.get_url('/'),
body=INDEX_RESPONSE,
content_type='application/json')
httpretty.register_uri(httpretty.GET,
self.get_url('/version'),
body=VERSION_RESPONSE,
content_type='application/json')
httpretty.register_uri(httpretty.GET,
self.get_url('/scans/'),
body=SCAN_LIST_RESPONSE,
content_type='application/json')
httpretty.register_uri(httpretty.DELETE,
self.get_url('/scans/1'),
body=SCAN_LIST_RESPONSE,
content_type='application/json')
httpretty.register_uri(httpretty.GET,
self.get_url('/scans/0/stop'),
body=SCAN_LIST_RESPONSE,
content_type='application/json')
conn = Connection(self.api_url)
scans = conn.get_scans()
running_scan = scans[0]
stopped_scan = scans[1]
running_scan.stop()
self.assertEqual(httpretty.last_request().path, '/scans/0/stop')
stopped_scan.cleanup()
self.assertEqual(httpretty.last_request().path, '/scans/1')
self.assertEqual(httpretty.last_request().method, 'DELETE')
#!/usr/bin/python
from w3af_api_client import Connection, Scan
# Connect to the REST API and get it's version
conn = Connection('http://127.0.0.1:5000/')
print conn.get_version()
#scan = Scan(conn)
#scan.start(scan_profile, target_urls)
scans = conn.get_scans()
for scan in scans:
# print scan.get_urls()
for vuln in scan.get_findings():
for key in vuln.resource_data:
print key, ": ", vuln.resource_data[key]
try:
traffic = vuln.get_traffic()
for raw_data in (traffic):
print "Request: ", raw_data.request, "\n"
print "Response: ", raw_data.response, "\n"
except:
print "No data, check manually the provided link"
# break
