Class: OwaspZap::Zap

Inherits:
Object
  • Object
Defined in:
lib/owasp_zap.rb

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(params = {}) ⇒ Zap

Returns a new instance of Zap.



# File 'lib/owasp_zap.rb', line 20

# Creates a client for one ZAP instance.
#
# Recognised keys in +params+ (all optional):
#   :base   - root URL of the ZAP JSON API; defaults to the loopback,
#             plain-HTTP address "http://127.0.0.1:8080/JSON"
#   :target - stored as-is in @target; nil when the key is absent
#   :zap    - launcher stored in @zap_bin and later handed to exec by #start;
#             defaults to "$HOME/ZAP/zap.sh"
#
# No value is validated here. Because @zap_bin ends up in a process launch
# and @base prefixes every API URL, both should come from trusted
# configuration rather than from request or user input.
#
# @param params [Hash] option hash described above
def initialize(params = {})
    # TODO: handle params
    fallback_base = "http://127.0.0.1:8080/JSON"
    fallback_launcher = "#{ENV['HOME']}/ZAP/zap.sh"

    @base = params[:base] || fallback_base
    @target = params[:target]
    @zap_bin = params[:zap] || fallback_launcher
end

Instance Attribute Details

#base ⇒ Object

Returns the value of attribute base.



# File 'lib/owasp_zap.rb', line 18

# Reader for the @base attribute, the URL prefix used for every API call
# this object builds.
#
# @return [Object] the current value of @base
def base
  @base
end

#target ⇒ Object

Returns the value of attribute target.



# File 'lib/owasp_zap.rb', line 18

# Reader for the @target attribute, the value passed on to the scanner
# helpers as their :target option.
#
# @return [Object] the current value of @target
def target
  @target
end

Instance Method Details

#alerts ⇒ Object



# File 'lib/owasp_zap.rb', line 54

# Builds an alert accessor bound to this client's API base and target.
#
# @return [Zap::Alert] a fresh object on every call; nothing is cached
def alerts
    Zap::Alert.new(base: @base, target: @target)
end

#ascan ⇒ Object

Returns the attack (active scan) helper for the configured base and target.



# File 'lib/owasp_zap.rb', line 59

# Builds the attack (active scan) helper bound to this client's API base
# and target. Constructing it sends nothing by itself as far as this method
# shows; what the helper does is defined by Zap::Attack.
#
# @return [Zap::Attack] a fresh object on every call
def ascan
    Zap::Attack.new(base: @base, target: @target)
end

#auth ⇒ Object



# File 'lib/owasp_zap.rb', line 67

# Builds the authentication helper. Unlike the scanner helpers it receives
# only the API base, not the target.
#
# @return [Zap::Auth] a fresh object on every call
def auth
    Zap::Auth.new(base: @base)
end

#ok?(json_data) ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/owasp_zap.rb', line 41

# Reports whether a decoded API reply carries the "OK" marker.
#
# The result is true only when json_data is a Hash whose value under the
# Integer key 0 equals "OK"; any other input yields false.
# NOTE(review): a Hash produced by a JSON parser has String keys, so a lookup
# under 0 reads as if it had been written for an Array reply. Confirm the
# reply shape this check is meant to accept before relying on it.
#
# @param json_data [Object] decoded reply to inspect
# @return [Boolean]
def ok?(json_data)
    return false unless json_data.is_a?(Hash)

    json_data[0] == "OK"
end

#running? ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/owasp_zap.rb', line 45

# Probes the API base URL to see whether something answers there.
#
# Only a refused connection is translated into false. Any other failure
# raised by the GET (for example a timeout, or an error RestClient raises
# itself) propagates to the caller.
# An HTTP 200 shows that some server answered at @base, not that the server
# is ZAP.
#
# @return [Boolean] true when the GET completes with status code 200
def running?
    begin
        reply = RestClient.get(@base.to_s)
    rescue Errno::ECONNREFUSED
        # Nothing is listening on the configured host and port.
        return false
    end
    reply.code == 200
end

#shutdown ⇒ Object

Shuts down ZAP by calling its core shutdown action.



# File 'lib/owasp_zap.rb', line 85

# Asks the ZAP instance at @base to terminate.
#
# The request is a bare GET to the core shutdown action: no query parameters
# and no extra headers are added here.
# NOTE(review): if the ZAP instance enforces an API key, this call carries
# none. Confirm how the key is meant to be supplied, and that the API
# listener is not reachable by other hosts.
#
# @return [Object] whatever RestClient returns for the request
def shutdown
    endpoint = "#{@base}/core/action/shutdown/"
    RestClient.get(endpoint)
end

#spider ⇒ Object



# File 'lib/owasp_zap.rb', line 63

# Builds the spider helper bound to this client's API base and target.
#
# @return [Zap::Spider] a fresh object on every call
def spider
    Zap::Spider.new(base: @base, target: @target)
end

#start(params = {}) ⇒ Object

TODO: document the required setup step: ZAP must be installed under $HOME/ZAP, or its location passed to new as the :zap parameter.



# File 'lib/owasp_zap.rb', line 73

# Launches ZAP in a forked child process.
#
# Daemon mode is selected by the mere presence of the :daemon key; its value
# is never read, so :daemon => false still appends "-daemon".
#
# The command reaches Kernel#exec as one String. Ruby hands such a string to
# the shell whenever it contains shell metacharacters, and whitespace inside
# the path splits it into separate words. The :zap setting must therefore
# come from trusted configuration only.
# NOTE(review): the multi-argument form, exec(@zap_bin, "-daemon"), never
# involves a shell. It would no longer accept extra flags embedded in :zap,
# so confirm no caller relies on that before switching.
#
# The child is not waited on or detached here.
#
# @param params [Hash] pass the :daemon key to run ZAP headless
# @return [Integer] pid of the forked child, as returned by fork
def start(params = {})
    launch = params.key?(:daemon) ? "#{@zap_bin} -daemon" : @zap_bin
    fork { exec launch }
end

#status_for(component) ⇒ Object



# File 'lib/owasp_zap.rb', line 28

# Reports the status of one scanner component.
#
# A fresh helper is built for the requested component and its #status result
# is returned unchanged. For any unrecognised value the method returns a JSON
# String instead, so callers must be ready for either shape.
# NOTE(review): Zap::Scan is referenced only here on this page. Confirm it is
# defined, otherwise the :scan branch raises NameError.
#
# @param component [Symbol] :ascan, :spider or :scan
# @return [Object] the component's status, or the String
#   {"status":"unknown component"} for an unknown component
def status_for(component)
    case component
    when :ascan  then Zap::Attack.new(base: @base, target: @target).status
    when :spider then Zap::Spider.new(base: @base, target: @target).status
    when :scan   then Zap::Scan.new(base: @base, target: @target).status
    else
        {:status=>"unknown component"}.to_json
    end
end

#xml_report ⇒ Object

Returns the XML report. Maybe this should be refactored into Alert.



# File 'lib/owasp_zap.rb', line 91

# Fetches the XML report from the ZAP instance at @base.
#
# The request is a bare GET with no extra parameters or headers. The reply
# travels over whatever scheme @base uses.
# NOTE(review): the report presumably holds scan findings, so treat it as
# sensitive if @base points away from loopback. Confirm against deployment.
#
# @return [Object] whatever RestClient returns for the request
def xml_report
    endpoint = "#{@base}/OTHER/core/other/xmlreport/"
    RestClient.get(endpoint)
end