• Home
• br.com.softplan.security.zap
• zap-maven-plugin
• 1.2.0-0
• source code
• AnalyzeMojo.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

br.com.softplan.security.zap.maven.AnalyzeMojo Maven / Gradle / Ivy

package br.com.softplan.security.zap.maven;

import org.apache.maven.plugin.MojoExecutionException;
import org.apache.maven.plugin.MojoFailureException;
import org.apache.maven.plugins.annotations.Mojo;

import br.com.softplan.security.zap.api.ZapClient;
import br.com.softplan.security.zap.api.model.AnalysisInfo;
import br.com.softplan.security.zap.api.model.AuthenticationInfo;
import br.com.softplan.security.zap.api.report.ZapReport;
import br.com.softplan.security.zap.commons.ZapInfo;
import br.com.softplan.security.zap.commons.boot.Zap;

/**
 * Goal to execute a full analysis with ZAP.
 * 

 * It will run the default Spider, and optionally the AJAX Spider, proceed with the Active Scan and generate the reports.
 * 
 * @author pdsec
 */
@Mojo(name="analyze")
public class AnalyzeMojo extends ZapMojo {
	
	public void execute() throws MojoExecutionException, MojoFailureException {
		getLog().info("Starting ZAP analysis at target: " + getTargetUrl());
		
		ZapInfo zapInfo = buildZapInfo();
		AuthenticationInfo authenticationInfo = buildAuthenticationInfo();
		AnalysisInfo analysisInfo = buildAnalysisInfo();

		ZapClient zapClient = new ZapClient(zapInfo, authenticationInfo);
		try {
			Zap.startZap(zapInfo);
			ZapReport zapReport = zapClient.analyze(analysisInfo);
			saveReport(zapReport);
		} finally {
			Zap.stopZap();
		}

		getLog().info("ZAP analysis finished.");
	}
	
}