
Example 21 with SpiderParam

use of org.zaproxy.zap.spider.SpiderParam in project zaproxy by zaproxy.

the class OptionsSpiderPanel method initParam.

/**
 * Loads the stored spider options into this panel's controls.
 *
 * <p>The argument is cast to {@code OptionsParam} without a type check. The {@code SpiderParam}
 * set obtained from it is then copied, getter by getter, into the matching widget.
 *
 * @param obj the options container; must be an {@code OptionsParam}, otherwise the cast fails
 */
@Override
public void initParam(Object obj) {
    final SpiderParam spiderOptions = ((OptionsParam) obj).getParamSet(SpiderParam.class);

    // Crawl limits: depth, thread count, duration and children per node.
    getSliderMaxDepth().setValue(spiderOptions.getMaxDepth());
    getSliderThreads().setValue(spiderOptions.getThreadCount());
    getDurationNumberSpinner().setValue(spiderOptions.getMaxDuration());
    getMaxChildrenNumberSpinner().setValue(spiderOptions.getMaxChildren());

    // Domains treated as always in scope.
    // NOTE(review): entries here presumably widen what the spider will crawl beyond the
    // selected target; confirm, since that makes this list worth checking before a scan.
    getDomainsAlwaysInScopeTableModel()
            .setDomainsAlwaysInScope(spiderOptions.getDomainsAlwaysInScope());
    // NOTE(review): a "confirm remove" option is passed straight into a
    // "remove without confirmation" setter. By name alone this looks inverted; verify
    // against saveParam and the panel before relying on it.
    getDomainsAlwaysInScopePanel()
            .setRemoveWithoutConfirmation(spiderOptions.isConfirmRemoveDomainAlwaysInScope());

    // Form handling and request header toggles.
    getChkProcessForm().setSelected(spiderOptions.isProcessForm());
    getChkSendRefererHeader().setSelected(spiderOptions.isSendRefererHeader());
    getChkPostForm().setSelected(spiderOptions.isPostForm());

    // Extra sources the spider may parse for links.
    getChkParseComments().setSelected(spiderOptions.isParseComments());
    getChkParseRobotsTxt().setSelected(spiderOptions.isParseRobotsTxt());
    getChkParseSitemapXml().setSelected(spiderOptions.isParseSitemapXml());
    getChkParseSVNEntries().setSelected(spiderOptions.isParseSVNEntries());
    getChkParseGit().setSelected(spiderOptions.isParseGit());

    // URL parameter handling.
    getComboHandleParameters().setSelectedItem(spiderOptions.getHandleParameters());
    getHandleODataSpecificParameters()
            .setSelected(spiderOptions.isHandleODataParametersVisited());
}
Also used : OptionsParam(org.parosproxy.paros.model.OptionsParam) SpiderParam(org.zaproxy.zap.spider.SpiderParam)

Example 22 with SpiderParam

use of org.zaproxy.zap.spider.SpiderParam in project zaproxy by zaproxy.

the class SpiderScanController method startScan.

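/**
 * Creates, registers and starts a new spider scan, and returns its id.
 *
 * <p>The whole operation runs while holding {@code spiderScansLock}, so id allocation and
 * registration in the scan map and list happen together.
 *
 * <p>Each element of {@code contextSpecificObjects} is dispatched on its runtime type:
 * <ul>
 *   <li>{@code SpiderParam} replaces the extension's options for this scan as a whole,
 *       including its crawl limits; if several are supplied the last one wins;</li>
 *   <li>{@code SpiderParser}, {@code FetchFilter} and {@code ParseFilter} are collected and
 *       handed to the scan as custom parsers and filters;</li>
 *   <li>{@code URI} becomes the start URI; if several are supplied the last one wins;</li>
 *   <li>anything else, including {@code null}, is logged as an error and ignored.</li>
 * </ul>
 *
 * <p>When the effective options have a positive "max children" value, a fetch filter and a
 * parse filter enforcing that limit are appended to the custom filters.
 *
 * @param name the name given to the scan
 * @param target the target passed through to the scan
 * @param user the user passed through to the scan
 * @param contextSpecificObjects optional per-scan overrides, may be {@code null}
 * @return the id allocated to the newly started scan
 */
@Override
public int startScan(String name, Target target, User user, Object[] contextSpecificObjects) {
    spiderScansLock.lock();
    try {
        int id = this.scanIdCounter++;
        SpiderParam spiderParams = extension.getSpiderParam();
        List<SpiderParser> customSpiderParsers = new ArrayList<SpiderParser>();
        List<FetchFilter> customFetchFilters = new ArrayList<FetchFilter>();
        List<ParseFilter> customParseFilters = new ArrayList<ParseFilter>();
        URI startUri = null;
        if (contextSpecificObjects != null) {
            for (Object obj : contextSpecificObjects) {
                if (obj == null) {
                    // A null element matches no instanceof test and used to reach
                    // obj.getClass() in the fallback branch, throwing a
                    // NullPointerException after the scan id had already been consumed.
                    log.error("Unexpected contextSpecificObject: null");
                } else if (obj instanceof SpiderParam) {
                    // Caller-supplied options replace the extension's options as a whole.
                    log.debug("Setting custom spider params");
                    spiderParams = (SpiderParam) obj;
                } else if (obj instanceof SpiderParser) {
                    customSpiderParsers.add((SpiderParser) obj);
                } else if (obj instanceof FetchFilter) {
                    customFetchFilters.add((FetchFilter) obj);
                } else if (obj instanceof ParseFilter) {
                    customParseFilters.add((ParseFilter) obj);
                } else if (obj instanceof URI) {
                    startUri = (URI) obj;
                } else {
                    log.error("Unexpected contextSpecificObject: " + obj.getClass().getCanonicalName());
                }
            }
        }
        if (spiderParams.getMaxChildren() > 0) {
            // Add the filters to filter on maximum number of children
            MaxChildrenFetchFilter maxChildrenFetchFilter = new MaxChildrenFetchFilter();
            maxChildrenFetchFilter.setMaxChildren(spiderParams.getMaxChildren());
            maxChildrenFetchFilter.setModel(extension.getModel());
            MaxChildrenParseFilter maxChildrenParseFilter = new MaxChildrenParseFilter();
            maxChildrenParseFilter.setMaxChildren(spiderParams.getMaxChildren());
            maxChildrenParseFilter.setModel(extension.getModel());
            customFetchFilters.add(maxChildrenFetchFilter);
            customParseFilters.add(maxChildrenParseFilter);
        }
        SpiderScan scan = new SpiderScan(extension, spiderParams, target, startUri, user, id, name);
        scan.setCustomSpiderParsers(customSpiderParsers);
        scan.setCustomFetchFilters(customFetchFilters);
        scan.setCustomParseFilters(customParseFilters);
        // Register before starting so the scan is reachable by id once it is running.
        this.spiderScanMap.put(id, scan);
        this.spiderScanList.add(scan);
        scan.start();
        return id;
    } finally {
        spiderScansLock.unlock();
    }
}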
Also used : MaxChildrenParseFilter(org.zaproxy.zap.spider.filters.MaxChildrenParseFilter) ParseFilter(org.zaproxy.zap.spider.filters.ParseFilter) MaxChildrenParseFilter(org.zaproxy.zap.spider.filters.MaxChildrenParseFilter) MaxChildrenFetchFilter(org.zaproxy.zap.spider.filters.MaxChildrenFetchFilter) ArrayList(java.util.ArrayList) SpiderParam(org.zaproxy.zap.spider.SpiderParam) SpiderParser(org.zaproxy.zap.spider.parser.SpiderParser) URI(org.apache.commons.httpclient.URI) FetchFilter(org.zaproxy.zap.spider.filters.FetchFilter) MaxChildrenFetchFilter(org.zaproxy.zap.spider.filters.MaxChildrenFetchFilter)

Example 23 with SpiderParam

use of org.zaproxy.zap.spider.SpiderParam in project zaproxy by zaproxy.

the class SpiderHtmlFormParserUnitTest method shouldParseNonPostFormIfPostFormProcessingIsDisabled.

/**
 * Checks the form parser's output when form processing is enabled but POST form handling is
 * disabled: parsing of the {@code Form.html} fixture must report "not completely parsed" and
 * yield exactly one URL, the form's fields encoded as a query string.
 */
@Test
public void shouldParseNonPostFormIfPostFormProcessingIsDisabled() {
    // Given: forms are processed, POST forms are not
    SpiderParam options = createSpiderParamWithConfig();
    options.setProcessForm(true);
    options.setPostForm(false);
    SpiderHtmlFormParser formParser =
            new SpiderHtmlFormParser(options, new DefaultValueGenerator());
    TestSpiderParserListener urlCollector = createTestSpiderParserListener();
    formParser.addSpiderParserListener(urlCollector);
    HttpMessage response = createMessageWith("GET", "Form.html");

    // When
    boolean fullyParsed =
            formParser.parseResource(response, createSource(response), BASE_DEPTH);

    // Then: a single URL carrying the form fields in its query string
    assertThat(fullyParsed, is(equalTo(false)));
    assertThat(urlCollector.getNumberOfUrlsFound(), is(equalTo(1)));
    assertThat(
            urlCollector.getUrlsFound(),
            contains("http://example.org/?field1=Text+1&field2=Text+2&submit=Submit"));
}
Also used : DefaultValueGenerator(org.zaproxy.zap.model.DefaultValueGenerator) SpiderParam(org.zaproxy.zap.spider.SpiderParam) HttpMessage(org.parosproxy.paros.network.HttpMessage) Source(net.htmlparser.jericho.Source) Test(org.junit.Test)

Example 24 with SpiderParam

use of org.zaproxy.zap.spider.SpiderParam in project zaproxy by zaproxy.

the class SpiderSitemapXMLParserUnitTest method createSpiderSitemapXMLParser.

/**
 * Builds a sitemap.xml parser whose spider options have sitemap parsing switched on.
 *
 * @return a new {@code SpiderSitemapXMLParser} backed by freshly created options
 */
private static SpiderSitemapXMLParser createSpiderSitemapXMLParser() {
    SpiderParam sitemapEnabledOptions = createSpiderParamWithConfig();
    // Enable the option explicitly rather than relying on whatever the config default is.
    sitemapEnabledOptions.setParseSitemapXml(true);
    SpiderSitemapXMLParser parser = new SpiderSitemapXMLParser(sitemapEnabledOptions);
    return parser;
}
Also used : SpiderParam(org.zaproxy.zap.spider.SpiderParam)

Example 25 with SpiderParam

use of org.zaproxy.zap.spider.SpiderParam in project zaproxy by zaproxy.

the class SpiderSitemapXMLParserUnitTest method shouldFailToCreateParserWithUndefinedSpiderOptions.

/**
 * Constructing the sitemap parser with {@code null} options must be rejected with an
 * {@code IllegalArgumentException}, as declared on the {@code @Test} annotation.
 */
@Test(expected = IllegalArgumentException.class)
public void shouldFailToCreateParserWithUndefinedSpiderOptions() {
    // Given: no spider options at all
    SpiderParam missingOptions = null;

    // When: the typed variable keeps the call bound to the SpiderParam constructor
    new SpiderSitemapXMLParser(missingOptions);

    // Then: the IllegalArgumentException is asserted by the annotation above
}
Also used : SpiderParam(org.zaproxy.zap.spider.SpiderParam) Test(org.junit.Test)
