# Zed Attack Proxy (ZAP) and its related class files.
#
# ZAP is an HTTP/HTTPS proxy for assessing web application security.
#
# Copyright 2012 ZAP development team
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""
Client implementation for using the ZAP pentesting proxy remotely.
"""
__docformat__ = 'restructuredtext'
import json
import urllib
from acsrf import acsrf
from ascan import ascan
from ajaxSpider import ajaxSpider
from authentication import authentication
from authorization import authorization
from autoupdate import autoupdate
from brk import brk
from context import context
from core import core
from forcedUser import forcedUser
from httpSessions import httpSessions
from importLogFiles import importLogFiles
from params import params
from pnh import pnh
from pscan import pscan
from reveal import reveal
from script import script
from search import search
from selenium import selenium
from sessionManagement import sessionManagement
from spider import spider
from stats import stats
from users import users
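class ZAPv2(object):
    """
    Client API implementation for integrating with ZAP v2.

    Every call is an HTTP GET sent through the configured ZAP proxy to the
    ``http://zap/`` host used by `base` and `base_other`.

    NOTE(review): requests are plain HTTP and this class adds no
    authentication parameter of its own, so access to the API presumably
    depends on who can reach the proxy listener. Keep that listener on
    loopback (the default here) or on a trusted network -- confirm against
    the ZAP configuration in use.
    """

    # base JSON api url
    base = 'http://zap/JSON/'
    # base OTHER api url
    base_other = 'http://zap/OTHER/'

    def __init__(self, proxies=None):
        """
        Creates an instance of the ZAP api client.

        :Parameters:
           - `proxies`: dictionary of ZAP proxies to use. When omitted, both
             http and https traffic go to ``http://127.0.0.1:8080``.

        Note that all of the other classes in this directory are generated;
        new ones will need to be manually added to this file.
        """
        # Build the default per instance: a dict literal in the signature
        # would be one object shared by every client created without
        # arguments.
        if proxies is None:
            proxies = {'http': 'http://127.0.0.1:8080',
                       'https': 'http://127.0.0.1:8080'}
        self.__proxies = proxies

        self.acsrf = acsrf(self)
        self.ajaxSpider = ajaxSpider(self)
        self.ascan = ascan(self)
        self.authentication = authentication(self)
        self.authorization = authorization(self)
        self.autoupdate = autoupdate(self)
        self.brk = brk(self)
        self.context = context(self)
        self.core = core(self)
        self.forcedUser = forcedUser(self)
        # Attribute name is all lower case, unlike the class it wraps; kept
        # as-is because callers reference it by this name.
        self.httpsessions = httpSessions(self)
        self.importLogFiles = importLogFiles(self)
        self.params = params(self)
        self.pnh = pnh(self)
        self.pscan = pscan(self)
        self.reveal = reveal(self)
        self.script = script(self)
        self.search = search(self)
        self.selenium = selenium(self)
        self.sessionManagement = sessionManagement(self)
        self.spider = spider(self)
        self.stats = stats(self)
        self.users = users(self)

    def urlopen(self, *args, **kwargs):
        """
        Opens a url forcing the proxies to be used and returns the body.

        :Parameters:
           - `args`: all non-keyword arguments.
           - `kwargs`: all other keyword arguments.

        Any `proxies` keyword supplied by the caller is overwritten, so a
        request made through this method cannot bypass the configured proxy.
        """
        kwargs['proxies'] = self.__proxies
        response = urllib.urlopen(*args, **kwargs)
        try:
            return response.read()
        finally:
            # Release the connection even when read() raises.
            response.close()

    def _request(self, url, get=None):
        """
        Shortcut for a GET request; returns the response decoded from JSON.

        :Parameters:
           - `url`: the url to GET at.
           - `get`: the dictionary to turn into GET variables.
        """
        query = urllib.urlencode(get or {})
        return json.loads(self.urlopen(url + '?' + query))

    def _request_other(self, url, get=None):
        """
        Shortcut for an API OTHER GET request; returns the raw response body.

        :Parameters:
           - `url`: the url to GET at.
           - `get`: the dictionary to turn into GET variables.
        """
        query = urllib.urlencode(get or {})
        return self.urlopen(url + '?' + query)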