net.continuumsecurity.proxy.ScanningProxy Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of atf-toolbox Show documentation
Show all versions of atf-toolbox Show documentation
Automation Testing Framework Toolbox Provides simple automation.
package net.continuumsecurity.proxy;
import net.continuumsecurity.proxy.model.Context;
import net.continuumsecurity.proxy.model.Script;
import org.zaproxy.clientapi.core.Alert;
import java.io.IOException;
import java.util.List;
import java.util.regex.Pattern;
public interface ScanningProxy extends LoggingProxy {
/*
Return all results as a list of org.zaproxy.clientapi.core.Alert
*/
List getAlerts() throws ProxyException;
/*
As above, but for a specific range of records
*/
List getAlerts(int start, int count) throws ProxyException;
/*
The number of available alerts
*/
int getAlertsCount() throws ProxyException;
public void deleteAlerts() throws ProxyException;
/*
Perform an active scan of everything that was logged by the proxy
*/
public void scan(String url) throws ProxyException;
/*
Return the percentage completion of the current scan
*/
public int getScanProgress(int scanId) throws ProxyException;
public int getLastScannerScanId() throws ProxyException;
public byte[] getXmlReport() throws ProxyException;
public byte[] getHtmlReport() throws ProxyException;
void setScannerAttackStrength(String scannerId, String strength) throws ProxyException;
void setScannerAlertThreshold(String scannerId, String threshold) throws ProxyException;
public void setEnableScanners(String ids, boolean enabled) throws ProxyException;
public void disableAllScanners() throws ProxyException;
public void enableAllScanners() throws ProxyException;
public void setEnablePassiveScan(boolean enabled) throws ProxyException;
public void excludeFromScanner(String regex) throws ProxyException;
/**
* Shuts down ZAP.
* @throws ProxyException - thrown if we are unable to connect to the proxy server
*/
public void shutdown() throws ProxyException;
/**
* Enables handling of anti CSRF tokens during active scanning.
* @param enabled Boolean flag to enable / disable handling of anti CSRF tokens during active scan.
* @throws ProxyException - thrown if we are unable to connect to the proxy server
*/
public void setOptionHandleAntiCSRFTokens(boolean enabled) throws ProxyException;
/**
* Creates a new context with given context name and sets it in scope if @param inScope is true.
*
* @param contextName Name of the context.
* @param inScope true to set context in scope.
* @throws ProxyException - thrown if we are unable to connect to the proxy server
*/
void createContext(String contextName, boolean inScope) throws ProxyException;
/**
* Adds include regex to the given context.
*
* @param contextName Name of the context.
* @param regex Regex to include in context.
* @throws ProxyException - thrown if we are unable to connect to the proxy server
*/
void includeRegexInContext(String contextName, Pattern regex) throws ProxyException;
/**
* Adds include parent url to the given content.
* @param contextName Name of the context.
* @param parentUrl Parent URL to include in context.
* @throws ProxyException - thrown if we are unable to connect to the proxy server
*/
void includeUrlTreeInContext(String contextName, String parentUrl) throws ProxyException;
/**
* Add exclude regex to the given context.
* @param contextName Name of the context.
* @param regex Regex to exclude from context.
* @throws ProxyException - thrown if we are unable to connect to the proxy server
*/
void excludeRegexFromContext(String contextName, Pattern regex) throws ProxyException;
/**
* Add exclude regex to the given context.
* @param contextName Name of the context.
* @param parentUrl Parent URL to exclude from context.
* @throws ProxyException - thrown if we are unable to connect to the proxy server
*/
void excludeParentUrlFromContext(String contextName, String parentUrl) throws ProxyException;
/**
* Returns Context details for a given context name.
* @param contextName Name of context.
* @return Context details for the given context
* @throws ProxyException - thrown if we are unable to connect to the proxy server
* @throws IOException - thrown if we can not decode objects
*/
Context getContextInfo(String contextName) throws ProxyException, IOException;
/**
* Returns list of context names.
* @return List of context names.
* @throws ProxyException - thrown if we are unable to connect to the proxy server
*/
List getContexts() throws ProxyException;
/**
* Sets the given context in or out of scope.
* @param contextName Name of the context.
* @param inScope true - Sets the context in scope. false - Sets the context out of scope.
* @throws ProxyException - thrown if we are unable to connect to the proxy server
*/
void setContextInScope(String contextName, boolean inScope) throws ProxyException;
/**
* Returns the list of included regexs for the given context.
* @param contextName Name of the context.
* @return List of include regexs.
* @throws ProxyException - thrown if we are unable to connect to the proxy server
*/
List getIncludedRegexs(String contextName) throws ProxyException;
/**
* Returns the list of excluded regexs for the given context.
* @param contextName Name of the context.
* @return List of exclude regexs.
* @throws ProxyException - thrown if we are unable to connect to the proxy server
*/
List getExcludedRegexs(String contextName) throws ProxyException;
/**
* Returns the list of Anti CSRF token names.
* @return List of Anti CSRF token names.
* @throws ProxyException - thrown if we are unable to connect to the proxy server
*/
List getAntiCsrfTokenNames() throws ProxyException;
/**
* Adds an anti CSRF token with the given name, enabled by default.
* @param tokenName Anti CSRF token name.
* @throws ProxyException - thrown if we are unable to connect to the proxy server
*/
void addAntiCsrfToken(String tokenName) throws ProxyException;
/**
* Removes the anti CSRF token with the given name.
* @param tokenName Anti CSRF token name.
* @throws ProxyException - thrown if we are unable to connect to the proxy server
*/
void removeAntiCsrfToken(String tokenName) throws ProxyException;
/**
* Returns the list of scripting engines that ZAP supports.
* @return List of script engines.
* @throws ProxyException - thrown if we are unable to connect to the proxy server
*/
List listEngines() throws ProxyException;
/**
* Returns the list of scripts loaded into ZAP.
* @return List of scripts.
* @throws ProxyException - thrown if we are unable to connect to the proxy server
*/
List