如何使用与Jenkins集成的Python API脚本为zap(Owasp)创建HTML报告

本文介绍了如何使用与Jenkins集成的Python API脚本为zap(Owasp)创建HTML报告的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！

问题描述

我使用Python API触发了zap，如下所示:-

I have trigger zap with Python API as below:-

脚本源:-

https://github.com/zaproxy/zaproxy/wiki/ApiPython

我想要通过命令行生成HTML报告.

I want an HTML report generated via command line.

我正在尝试将其与Jenkins集成在一起.我在詹金斯(Jenkins)中发现了很少的Owasp插件，但似乎没有按预期工作.

I am trying to integrate same with Jenkins.I have found few plug-ins of Owasp in Jenkins but doesn't seem to work as expected.

任何想法，链接，教程都会对我有帮助.

Any idea, link, tutorials will really help me.

推荐答案

在此URL/API( http://ZAP-IP:PORT/UI/core/other/htmlreport/)用户可以获取该报告.

At this URL/API ( http://ZAP-IP:PORT/UI/core/other/htmlreport/) user can get the report.

我还没有找到任何zap支持插件，所以我写了selenium webdriver Java脚本来完成任务.代码是:-

I havn't found any zap support plug-in so I have wrote selenium webdriver java script to accomplish my task. The code is :-

    @Test
    public void Report() {
            System.setProperty("webdriver.chrome.driver",System.getProperty("user.dir")+"\\src\\lib\\chromedriver.exe");
            ChromeOptions chromeOptions = new ChromeOptions();
            chromeOptions.addArguments("--start-maximized");
            WebDriver driver = new ChromeDriver(chromeOptions);
            driver.manage().timeouts().implicitlyWait(30, TimeUnit.SECONDS);
            driver.get("http://localhost:8080/UI/core/other/htmlreport");
            driver.manage().timeouts().pageLoadTimeout(30, TimeUnit.SECONDS);
            driver.findElement(By.id("apikey")).sendKeys("ChangeMe");
            driver.findElement(By.id("button")).click();

            SimpleDateFormat dateFormatForFoldername = new SimpleDateFormat("yyyy-MM-dd-HH-mm-ss");
            Date currentDate = new Date();
            String folderDateFormat = dateFormatForFoldername.format(currentDate);
        try {
            URL oracle = new URL(driver.getCurrentUrl());
            BufferedReader in = new BufferedReader(
            new InputStreamReader(oracle.openStream()));
            BufferedWriter writer = new BufferedWriter(new FileWriter("Reports"+File.separator+"OwaspReport-"+folderDateFormat+".html"));

            String inputLine;
            while ((inputLine = in.readLine()) != null){
                try{
                    writer.write(inputLine);
                }
                catch(IOException e){
                    e.printStackTrace();
                    return;
                }
            }
            in.close();
            writer.close();
            driver.quit();
        }
        catch(Exception ex) {
            System.out.println(ex.getMessage());
            ex.printStackTrace();
        }   
    }

注意:-根据您的zap端口更改URL中的端口，并替换apiKey

Note :- change the port in URL as per your zap port and replace the apiKey

希望它会为您提供帮助:)

Hope it will help you :)

这篇关于如何使用与Jenkins集成的Python API脚本为zap(Owasp)创建HTML报告的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！