From 52a9e4b90e26abcb4bf091f490b17594eca4c735 Mon Sep 17 00:00:00 2001 From: Simon Bennetts Date: Tue, 30 Sep 2025 15:31:22 +0100 Subject: [PATCH] Added Gin n Juice auth scan script Signed-off-by: Simon Bennetts --- other/CHANGELOG.md | 3 ++ other/af-plans/FullScanGinNJuiceAuth.yaml | 65 +++++++++++++++++++++++ 2 files changed, 68 insertions(+) create mode 100644 other/af-plans/FullScanGinNJuiceAuth.yaml diff --git a/other/CHANGELOG.md b/other/CHANGELOG.md index 4c0f9feb..88b45511 100644 --- a/other/CHANGELOG.md +++ b/other/CHANGELOG.md @@ -3,6 +3,9 @@ All notable changes to the 'other' section of this repository will be documented The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). +### 2025-09-30 +- Added af-plans/FullScanGinNJuiceAuth.yaml + ### 2025-02-21 - Added af-plans/BrowserAuthTest.yaml diff --git a/other/af-plans/FullScanGinNJuiceAuth.yaml b/other/af-plans/FullScanGinNJuiceAuth.yaml new file mode 100644 index 00000000..40644abf --- /dev/null +++ b/other/af-plans/FullScanGinNJuiceAuth.yaml 
@@ -0,0 +1,65 @@
+---
+# A simple plan for performing an authenticated scan against Gin n Juice Shop.
+# It does not currently support OAST which is required for some of the known vulnerabilities.
+env:
+ contexts:
+ - name: Gin N Juice Shop
+ urls:
+ - https://ginandjuice.shop
+ includePaths:
+ - https://ginandjuice.shop.*
+ excludePaths:
+ - https://ginandjuice.shop/logout
+ authentication:
+ method: browser
+ parameters:
+ loginPageUrl: https://ginandjuice.shop/login
+ browserId: firefox-headless
+ loginPageWait: 1
+ steps: []
+ verification:
+ method: poll
+ loggedInRegex: \Q 200 OK\E
+ loggedOutRegex: \Q 302 Found\E
+ pollFrequency: 60
+ pollUnits: requests
+ pollUrl: https://ginandjuice.shop/my-account
+ pollPostData: ""
+ sessionManagement:
+ method: headers
+ users:
+ - name: carlos
+ credentials:
+ password: hunter2
+ username: carlos
+ parameters: {}
+jobs:
+- type: spider
+ parameters:
+ context: Gin N Juice Shop
+ user: carlos
+- type: spiderAjax
+ parameters:
+ context: Gin N Juice Shop
+ user: carlos
+ browserId: firefox-headless
+ excludedElements:
+ - description: Logout
+ element: a
+ text: Log out
+- type: passiveScan-wait
+ parameters: {}
+- type: activeScan
+ parameters:
+ context: Gin N Juice Shop
+ user: carlos
+ policyDefinition:
+ defaultStrength: medium
+ defaultThreshold: medium
+- parameters:
+ template: "modern"
+ reportTitle: "ZAP Scanning Report"
+ reportDescription: ""
+ name: "report"
+ type: "report"
+
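Review bot: The `includePaths` entry `https://ginandjuice.shop.*` is a regex with unescaped dots and an open-ended suffix right after the hostname, so it also matches other hosts whose name merely starts with that string (for example `ginandjuice.shop.<other-domain>`), which would then be in scope for the spider and `activeScan` jobs if such a link is discovered. Since `urls` already lists the site root, I would either drop the entry or tighten it to `https://ginandjuice\.shop(/.*)?`. The `excludePaths` value appears to be matched as a whole-URL regex too, so `https://ginandjuice\.shop/logout.*` would also cover a logout link that carries a query string. Separately, a comment above `users:` such as `# Public demo credentials for this deliberately vulnerable site; for any other target supply the password via an environment variable reference` would keep the literal `password: hunter2` from being copied as a pattern into plans for real targets.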