how do we use OWASP ZAP API to run spider scan in java using Intelli J IDE? I went through OWASP ZAP documentation and couldn't figure it out
I tried the code on documentation, but i am not able to get scan report
package com.example.zaptry.ZapTry;
import org.zaproxy.clientapi.core.ApiResponse;
import org.zaproxy.clientapi.core.ApiResponseElement;
import org.zaproxy.clientapi.core.ApiResponseList;
import org.zaproxy.clientapi.core.ClientApi;
import java.util.List;
public class first {
private static final String ZAP_ADDRESS = "localhost";
private static final int ZAP_PORT = 8080;
// Change to match the API key set in ZAP, or use NULL if the API key is disabled
private static final String ZAP_API_KEY = "r18e0j9pib9nqnke6l9hto2873";
// The URL of the application to be tested
private static final String TARGET = "https://public-firing-range.appspot.com";
public static void main(String[] args) {
ClientApi api = new ClientApi(ZAP_ADDRESS, ZAP_PORT, ZAP_API_KEY);
try {
// Start spidering the target
System.out.println("Spidering target : " + TARGET);
ApiResponse resp = api.spider.scan(TARGET, null, null, null, null);
String scanID;
int progress;
// The scan returns a scan id to support concurrent scanning
scanID = ((ApiResponseElement) resp).getValue();
// Poll the status until it completes
while (true) {
Thread.sleep(1000);
progress = Integer.parseInt(((ApiResponseElement) api.spider.status(scanID)).getValue());
System.out.println("Spider progress : " + progress + "%");
if (progress >= 100) {
break;
}
}
System.out.println("Spider completed");
// If required post process the spider results
List<ApiResponse> spiderResults = ((ApiResponseList) api.spider.results(scanID)).getItems();
} catch (Exception e) {
System.out.println("Exception : " + e.getMessage());
e.printStackTrace();
}
}
}
the class name is first
Aucun commentaire:
Enregistrer un commentaire