Example 6 with Variant

Use of org.parosproxy.paros.core.scanner.Variant in project zaproxy by zaproxy.

From the class VariantFactoryUnitTest, method shouldUseVariantScripts.

@Test
@SuppressWarnings("unchecked")
void shouldUseVariantScripts() {
    // Given
    VariantScript script = mock(TARGET_INTERFACE);
    CachedScript<VariantScript> cachedScript = createCachedScript(script);
    ScriptsCache<VariantScript> scriptsCache = createScriptsCache(cachedScript);
    given(extensionScript.<VariantScript>createScriptsCache(any())).willReturn(scriptsCache);
    // When
    List<Variant> variants = factory.createSiteModifyingVariants();
    // Then
    verify(scriptsCache, times(1)).refreshAndExecute(any(ScriptWrapperAction.class));
    assertThat(variants, hasSize(1));
    assertThat(variants.get(0), is(instanceOf(VariantCustom.class)));
}

Also used: Variant(org.parosproxy.paros.core.scanner.Variant) ScriptWrapperAction(org.zaproxy.zap.extension.script.ScriptsCache.ScriptWrapperAction) VariantScript(org.parosproxy.paros.core.scanner.VariantScript) Test(org.junit.jupiter.api.Test) WithConfigsTest(org.zaproxy.zap.WithConfigsTest) ParameterizedTest(org.junit.jupiter.params.ParameterizedTest)

Example 7 with Variant

Use of org.parosproxy.paros.core.scanner.Variant in project zaproxy by zaproxy.

From the class VariantFactoryUnitTest, method shouldReturnNoVariantsWhenUnset.

@Test
void shouldReturnNoVariantsWhenUnset() {
    // Given
    ScannerParam scanOptions = Mockito.mock(ScannerParam.class, withSettings().lenient());
    Mockito.when(scanOptions.getConfig()).thenReturn(new ZapXmlConfiguration());
    HttpMessage message = new HttpMessage();
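    // scanOptions is a mock, so this setter is a no-op; the mocked
    // getTargetParamsInjectable() returns 0 by default (no targets enabled).
    scanOptions.setTargetParamsInjectable(0);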
    // When
    List<Variant> variants = factory.createVariants(scanOptions, message);
    // Then
    assertThat(variants.size(), is(equalTo(0)));
}

Also used: Variant(org.parosproxy.paros.core.scanner.Variant) ScannerParam(org.parosproxy.paros.core.scanner.ScannerParam) ZapXmlConfiguration(org.zaproxy.zap.utils.ZapXmlConfiguration) HttpMessage(org.parosproxy.paros.network.HttpMessage) Test(org.junit.jupiter.api.Test) WithConfigsTest(org.zaproxy.zap.WithConfigsTest) ParameterizedTest(org.junit.jupiter.params.ParameterizedTest)

Example 8 with Variant

Use of org.parosproxy.paros.core.scanner.Variant in project zaproxy by zaproxy.

From the class VariantFactoryUnitTest, method shouldReturnCustomVariants.

@Test
void shouldReturnCustomVariants() {
    // Given
    factory.addVariant(TestVariant.class);
    ScannerParam scanOptions = new ScannerParam();
    HttpMessage message = new HttpMessage();
    // When
    List<Variant> variants = factory.createVariants(scanOptions, message);
    // Then
    assertThat(variants.size(), is(equalTo(11)));
    assertThat(variants.get(0).getClass(), is(equalTo(VariantURLQuery.class)));
    assertThat(variants.get(1).getClass(), is(equalTo(VariantODataIdQuery.class)));
    assertThat(variants.get(2).getClass(), is(equalTo(VariantODataFilterQuery.class)));
    assertThat(variants.get(3).getClass(), is(equalTo(VariantDdnPath.class)));
    assertThat(variants.get(4).getClass(), is(equalTo(VariantFormQuery.class)));
    assertThat(variants.get(5).getClass(), is(equalTo(VariantMultipartFormParameters.class)));
    assertThat(variants.get(6).getClass(), is(equalTo(VariantXMLQuery.class)));
    assertThat(variants.get(7).getClass(), is(equalTo(VariantJSONQuery.class)));
    assertThat(variants.get(8).getClass(), is(equalTo(VariantGWTQuery.class)));
    assertThat(variants.get(9).getClass(), is(equalTo(VariantDirectWebRemotingQuery.class)));
    assertThat(variants.get(10).getClass(), is(equalTo(TestVariant.class)));
}

Also used: Variant(org.parosproxy.paros.core.scanner.Variant) ScannerParam(org.parosproxy.paros.core.scanner.ScannerParam) HttpMessage(org.parosproxy.paros.network.HttpMessage) Test(org.junit.jupiter.api.Test) WithConfigsTest(org.zaproxy.zap.WithConfigsTest) ParameterizedTest(org.junit.jupiter.params.ParameterizedTest)

Example 9 with Variant

Use of org.parosproxy.paros.core.scanner.Variant in project zaproxy by zaproxy.

From the class VariantFactoryUnitTest, method shouldScanNullJsonValuesAsDefinedInOptions.

@ParameterizedTest
@ValueSource(booleans = { true, false })
void shouldScanNullJsonValuesAsDefinedInOptions(boolean scanNulls) {
    // Given
    ScannerParam scanOptions = mock(ScannerParam.class);
    given(scanOptions.getTargetParamsInjectable()).willReturn(ScannerParam.TARGET_POSTDATA);
    given(scanOptions.getTargetParamsEnabledRPC()).willReturn(ScannerParam.RPC_JSON);
    given(scanOptions.isScanNullJsonValues()).willReturn(scanNulls);
    HttpMessage message = new HttpMessage();
    // When
    List<Variant> variants = factory.createVariants(scanOptions, message);
    // Then
    VariantJSONQuery jsonVariant = getVariant(variants, VariantJSONQuery.class);
    assertThat(jsonVariant.isScanNullValues(), is(equalTo(scanNulls)));
}

Also used: Variant(org.parosproxy.paros.core.scanner.Variant) ScannerParam(org.parosproxy.paros.core.scanner.ScannerParam) VariantJSONQuery(org.parosproxy.paros.core.scanner.VariantJSONQuery) HttpMessage(org.parosproxy.paros.network.HttpMessage) ValueSource(org.junit.jupiter.params.provider.ValueSource) ParameterizedTest(org.junit.jupiter.params.ParameterizedTest)

Example 10 with Variant

Use of org.parosproxy.paros.core.scanner.Variant in project zaproxy by zaproxy.

From the class ScriptsActiveScannerUnitTest, method shouldScanParamsWithActiveScript.

@Test
@SuppressWarnings("unchecked")
void shouldScanParamsWithActiveScript() throws Exception {
    // Given
    ActiveScript script1 = mock(ActiveScript.class);
    ScriptWrapper scriptWrapper1 = createScriptWrapper(script1, ActiveScript.class);
    ActiveScript script2 = mock(ActiveScript.class);
    ScriptWrapper scriptWrapper2 = createScriptWrapper(script2, ActiveScript.class);
    given(extensionScript.getScripts(SCRIPT_TYPE)).willReturn(asList(scriptWrapper1, scriptWrapper2));
    ScriptsCache<ActiveScript> scriptsCache = createScriptsCache(createCachedScript(script1, scriptWrapper1), createCachedScript(script2, scriptWrapper2));
    given(extensionScript.<ActiveScript>createScriptsCache(any())).willReturn(scriptsCache);
    given(parent.getScannerParam()).willReturn(mock(ScannerParam.class));
    String name1 = "Name1";
    String value1 = "Value1";
    NameValuePair param1 = param(name1, value1);
    String name2 = "Name2";
    String value2 = "Value2";
    NameValuePair param2 = param(name2, value2);
    Variant variant = mock(Variant.class);
    given(variant.getParamList()).willReturn(asList(param1, param2));
    VariantFactory variantFactory = mock(VariantFactory.class);
    given(variantFactory.createVariants(any(), any())).willReturn(asList(variant));
    given(model.getVariantFactory()).willReturn(variantFactory);
    ScriptsActiveScanner scriptsActiveScanner = new ScriptsActiveScanner();
    scriptsActiveScanner.init(message, parent);
    // When
    scriptsActiveScanner.scan();
    // Then
    verify(scriptsCache, times(2)).refresh();
    verify(scriptsCache, times(2)).getCachedScripts();
    verify(script1, times(1)).scan(scriptsActiveScanner, message, name1, value1);
    verify(script1, times(1)).scan(scriptsActiveScanner, message, name2, value2);
    verify(script2, times(1)).scan(scriptsActiveScanner, message, name1, value1);
    verify(script2, times(1)).scan(scriptsActiveScanner, message, name2, value2);
}

Also used: Variant(org.parosproxy.paros.core.scanner.Variant) NameValuePair(org.parosproxy.paros.core.scanner.NameValuePair) ScannerParam(org.parosproxy.paros.core.scanner.ScannerParam) ScriptWrapper(org.zaproxy.zap.extension.script.ScriptWrapper) Test(org.junit.jupiter.api.Test) WithConfigsTest(org.zaproxy.zap.WithConfigsTest)
