Export/Import OWASP ZAP Passive Scan Rules

旧城冷巷雨未停 提交于 2019-12-20 04:55:38

问题


Is there any way to create a scan policy for passive scans? I know you can create and modify scan policies for the active/attack scanning, but i'm wondering if you can do the same for the passive scan rules or if you have to individually modify them on every machine?


回答1:


There's an existing ticket open to unify Active/Passive Scan handling in a singular policy type interface: https://github.com/zaproxy/zaproxy/issues/3870. If you're really interested in that you could support it on BountySource (https://www.bountysource.com/issues/49047644-improved-active-passive-rules-management) and see if that draws some attention/action.

Another option you could go with is to create a quick script that uses ZAP's web API to apply a Passive Scan rule "policy". Relevant endpoints include: pscan/view/scanners/, pscan/action/disableAllScanners/, pscan/action/enableScanners/. Here's a python example:

from zapv2 import ZAPv2 as zap
import time

apikey = "apikey12345" #Your apikey
z = zap(apikey=apikey, proxies={"http": "http://127.0.0.1:8080", "https": "http://127.0.0.1:8080"})
time.sleep(2) #Might need to be longer depending on your machine and if ZAP is already running or not

print "Disabling all passive scan rules.."

z.pscan.disable_all_scanners()

scanners = z.pscan.scanners

for scanner in scanners:
    print scanner.get("id") + " : " + scanner.get("enabled") + " : " + scanner.get("name")

to_enable = "10020,10021,10062" #Customize as you see fit
print "\nEnabling specific passive scan rules..[" + to_enable +"]"

z.pscan.enable_scanners(to_enable)

print "\nListing enabled passive scan rules.."

scanners2 = z.pscan.scanners

for scanner in scanners2:
    if (scanner.get("enabled") == "true"):
        print scanner.get("id") + " : " + scanner.get("enabled") + " : " + scanner.get("name")

Finally you could configure ZAP on one system, then copy that config.xml to other systems as needed.



来源:https://stackoverflow.com/questions/51266590/export-import-owasp-zap-passive-scan-rules

标签
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!