Added the capability to selectively add active scan
kasunkv committed Aug 26, 2017
1 parent a9f9266 commit 317e5ae
Showing 2 changed files with 25 additions and 8 deletions.
7 changes: 5 additions & 2 deletions buildtask/OwaspZapScan/owaspzapscan.ts
@@ -25,6 +25,7 @@ async function run(): Promise<void> {
let contextName: string = Task.getInput('ContextName');

/* Active Scan Options inputs */
let executeActiveScan: boolean = Task.getBoolInput('ExecuteActiveScan');
let contextId: string = Task.getInput('ContextId');
let recurse: boolean = Task.getBoolInput('Recurse');
let inScopeOnly: boolean = Task.getBoolInput('InScopeOnly');
@@ -50,8 +51,10 @@ async function run(): Promise<void> {
}

/* Add the Active Scan */
let activeScan: ActiveScan = new ActiveScan(zapApiUrl, zapApiKey, targetUrl, contextId, recurse, inScopeOnly, scanPolicyName, method, postData);
selectedScans.push(activeScan);
if (executeActiveScan) {
let activeScan: ActiveScan = new ActiveScan(zapApiUrl, zapApiKey, targetUrl, contextId, recurse, inScopeOnly, scanPolicyName, method, postData);
selectedScans.push(activeScan);
}

/* Execute the Scans */
for (let i: number = 0; i < selectedScans.length; i++) {
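Review bot: When `executeActiveScan` is false the new guard skips the active scan without writing anything to the build log, and nothing visible between the guard and the `for` loop handles an empty `selectedScans`, so a run with no scan type selected may finish green having tested nothing. I would add an else branch such as `else { console.log('Active scan skipped: ExecuteActiveScan is not enabled.'); }` so the log records why the scan is absent. Before the loop, assuming `Task` is the pipeline task library, fail fast with `if (selectedScans.length === 0) { Task.setResult(Task.TaskResult.Failed, 'No scan type selected'); return; }`. `run()` starts and ends outside these hunks, so an existing check further down would make the second part unnecessary.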
26 changes: 20 additions & 6 deletions buildtask/OwaspZapScan/task.json
@@ -120,14 +120,23 @@
"groupName": "spiderScanOptions",
"helpMarkDown": "Set to limit the number of children scanned.",
"visibleRule": "ExecuteSpiderScan = true"
},
},
{
"name": "ExecuteActiveScan",
"type": "boolean",
"label": "Execute Active Scan",
"required": false,
"groupName": "activeScanOptions",
"helpMarkDown": "Enable to run a active scan on the target."
},
{
"name": "ContextId",
"type": "string",
"label": "Context ID",
"required": false,
"groupName": "activeScanOptions",
"helpMarkDown": "Context identifier of the Scan context"
"helpMarkDown": "Context identifier of the Scan context",
"visibleRule": "ExecuteActiveScan = true"
},
{
"name": "Recurse",
@@ -136,31 +145,35 @@
"defaultValue": "true",
"required": false,
"groupName": "activeScanOptions",
"helpMarkDown": "Set recurse option to scan URLs under the given target URL"
"helpMarkDown": "Set recurse option to scan URLs under the given target URL",
"visibleRule": "ExecuteActiveScan = true"
},
{
"name": "InScopeOnly",
"type": "boolean",
"label": "In Scope Only",
"required": false,
"groupName": "activeScanOptions",
"helpMarkDown": "Set In Scope only to true to constrain the scan to URLs that are in scope (ignored if a Context is specified)"
"helpMarkDown": "Set In Scope only to true to constrain the scan to URLs that are in scope (ignored if a Context is specified)",
"visibleRule": "ExecuteActiveScan = true"
},
{
"name": "ScanPolicyName",
"type": "string",
"label": "Scan Policy Name",
"required": false,
"groupName": "activeScanOptions",
"helpMarkDown": "Scan Policy Name allows to specify the scan policy (if none is given it uses the default scan policy)"
"helpMarkDown": "Scan Policy Name allows to specify the scan policy (if none is given it uses the default scan policy)",
"visibleRule": "ExecuteActiveScan = true"
},
{
"name": "Method",
"type": "string",
"label": "Method",
"required": false,
"groupName": "activeScanOptions",
"helpMarkDown": "Allow you to select a given request in conjunction with the given URL"
"helpMarkDown": "Allow you to select a given request in conjunction with the given URL",
"visibleRule": "ExecuteActiveScan = true"
},
{
"name": "PostData",
@@ -169,6 +182,7 @@
"required": false,
"groupName": "activeScanOptions",
"helpMarkDown": "Allow you to select a given request in conjunction with the given URL",
"visibleRule": "ExecuteActiveScan = true",
"properties": {
"resizable": true,
"rows" : "10"
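Review bot: The new `ExecuteActiveScan` input is declared without a `defaultValue`, so a build definition that does not set it most likely reads as false and loses the active scan that this task previously always queued. If opt-in is the intent, say so in the help text and release notes; if existing coverage should be preserved, add `"defaultValue": "true"` to the input. The `helpMarkDown` could also tell the user what enabling it means for the target, for example `"Enable to run an active scan; this sends attack requests to the target and can modify its data."`, which also fixes the "a active" typo.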
