├── .gitignore
├── .project
├── LICENSE
├── README.md
├── azure-pipelines.yml
├── redistributables
├── NugetPackaging
│ ├── OWASPZAPDotNetAPI.2.12.0.nupkg
│ ├── OWASPZAPDotNetAPI.nuspec
│ ├── buildnugetpackage.bat
│ ├── lib
│ │ └── OWASPZAPDotNetAPI.dll
│ └── nuget.exe
└── OWASPZAPDotNetAPI.dll
└── src
└── OWASPZAPDotNetAPI
├── .gitignore
├── NugetPackaging
├── OWASPZAPDotNetAPI.2.12.0.nupkg
├── OWASPZAPDotNetAPI.nuspec
├── buildnugetpackage.bat
├── lib
│ └── OWASPZAPDotNetAPI.dll
└── nuget.exe
├── OWASPZAPDotNetAPI.Samples
├── App.config
├── AuthenticatedScanWithFormsAuthentication.cs
├── OWASPZAPDotNetAPI.Samples.csproj
├── Program.cs
├── Properties
│ └── AssemblyInfo.cs
├── SimplePointAndClickScan.cs
└── ZAP.cs
├── OWASPZAPDotNetAPI.Tests
├── ClientApiTests.cs
├── OWASPZAPDotNetAPI.Tests.csproj
└── Properties
│ └── AssemblyInfo.cs
├── OWASPZAPDotNetAPI.sln
└── OWASPZAPDotNetAPI
├── Alerts.cs
├── ApiResponse.cs
├── ApiResponseElement.cs
├── ApiResponseFactory.cs
├── ApiResponseList.cs
├── ApiResponseSet.cs
├── ClientApi.cs
├── ExtensionMethods.cs
├── Generated
├── AccessControl.cs
├── Acsrf.cs
├── AjaxSpider.cs
├── Alert.cs
├── AlertFilter.cs
├── Ascan.cs
├── Authentication.cs
├── Authorization.cs
├── Automation.cs
├── Autoupdate.cs
├── Break.cs
├── Context.cs
├── Core.cs
├── Exim.cs
├── ForcedUser.cs
├── Graphql.cs
├── HttpSessions.cs
├── ImportLogFiles.cs
├── Importurls.cs
├── LocalProxies.cs
├── Network.cs
├── Openapi.cs
├── Params.cs
├── Pnh.cs
├── Pscan.cs
├── Replacer.cs
├── Reports.cs
├── Retest.cs
├── Reveal.cs
├── Revisit.cs
├── RuleConfig.cs
├── Script.cs
├── Search.cs
├── Selenium.cs
├── SessionManagement.cs
├── Soap.cs
├── Spider.cs
├── Stats.cs
├── Users.cs
├── Wappalyzer.cs
└── Websocket.cs
├── Interfaces
├── IApiResponse.cs
└── IWebClient.cs
├── OWASPZAPDotNetAPI.csproj
├── Properties
└── AssemblyInfo.cs
└── SystemWebClient.cs
/.gitignore:
--------------------------------------------------------------------------------
1 | ################################################################################
2 | # This .gitignore file was automatically created by Microsoft(R) Visual Studio.
3 | ################################################################################
4 |
5 | /.vs
6 |
--------------------------------------------------------------------------------
/.project:
--------------------------------------------------------------------------------
1 |
2 |
3 | zap-api-dotnet
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # zap-api-dotnet
2 | OWASP ZAP Dot NET API
3 |
4 | * Nuget package downloadable at [OWASPZAPDotNetAPI](https://www.nuget.org/packages/OWASPZAPDotNetAPI)
5 | * Nuget package manager command
6 | ```bat
7 | Install-Package OWASPZAPDotNetAPI -Version 2.12.0
8 | ```
9 |
10 | Samples and how to:
11 |
12 | * Simple point and click scan - [SimplePointAndClickScan.cs](https://github.com/zaproxy/zap-api-dotnet/blob/master/src/OWASPZAPDotNetAPI/OWASPZAPDotNetAPI.Samples/SimplePointAndClickScan.cs)
13 |
14 | * Authenticated scan - [AuthenticatedScanWithFormsAuthentication.cs](https://github.com/zaproxy/zap-api-dotnet/blob/master/src/OWASPZAPDotNetAPI/OWASPZAPDotNetAPI.Samples/AuthenticatedScanWithFormsAuthentication.cs)
15 |
16 |
17 | Although the target framework for this dll is .Net framework 4.5, you could also use the library from a .Net core application.
18 |
19 |
20 | In case of TLS errors, [try](https://github.com/zaproxy/zap-api-dotnet/blob/master/src/OWASPZAPDotNetAPI/OWASPZAPDotNetAPI.Samples/Program.cs):
21 | ```csharp
22 | private static void ConfigureTLSSettingsForDotNet45()
23 | {
24 | ServicePointManager.Expect100Continue = true;
25 | ServicePointManager.SecurityProtocol |= SecurityProtocolType.Tls
26 | | SecurityProtocolType.Tls11
27 | | SecurityProtocolType.Tls12
28 | | SecurityProtocolType.Ssl3;
29 | }
30 | ```
31 |
--------------------------------------------------------------------------------
/azure-pipelines.yml:
--------------------------------------------------------------------------------
1 | # .NET Desktop
2 | # Build and run tests for .NET Desktop or Windows classic desktop solutions.
3 | # Add steps that publish symbols, save build artifacts, and more:
4 | # https://docs.microsoft.com/azure/devops/pipelines/apps/windows/dot-net
5 |
6 | trigger:
7 | - master
8 |
9 | pool:
10 | vmImage: 'windows-latest'
11 |
12 | variables:
13 | solution: '**/*.sln'
14 | buildPlatform: 'Any CPU'
15 | buildConfiguration: 'Release'
16 |
17 | steps:
18 | - task: NuGetToolInstaller@0
19 |
20 | - task: NuGetCommand@2
21 | inputs:
22 | restoreSolution: '$(solution)'
23 |
24 | - task: VSBuild@1
25 | inputs:
26 | solution: '$(solution)'
27 | platform: '$(buildPlatform)'
28 | configuration: '$(buildConfiguration)'
29 |
30 | #- task: VSTest@2
31 | # inputs:
32 | # platform: '$(buildPlatform)'
33 | # configuration: '$(buildConfiguration)'
34 |
--------------------------------------------------------------------------------
/redistributables/NugetPackaging/OWASPZAPDotNetAPI.2.12.0.nupkg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zaproxy/zap-api-dotnet/a1992309448a22fe98faaf084e17a35e7086ad11/redistributables/NugetPackaging/OWASPZAPDotNetAPI.2.12.0.nupkg
--------------------------------------------------------------------------------
/redistributables/NugetPackaging/OWASPZAPDotNetAPI.nuspec:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | OWASPZAPDotNetAPI
5 | 2.12.0
6 | https://renouncedthoughts.wordpress.com/
7 | https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project
8 | http://www.apache.org/licenses/LICENSE-2.0
9 | https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project
10 | https://raw.githubusercontent.com/zaproxy/zaproxy/master/zap/src/main/resources/resource/zap128x128.png
11 | false
12 | OWASP ZAP Dot Net API
13 | The Dot Net API for OWASP ZAP allows you to access the OWASP Zed Attack Proxy's functionality programmatically to enable automated vulnerability analysis for web applications
14 | 2.12.0 compatible with OWASP ZAP 2.12.0 stable release.
15 | Copyright 2023
16 | OWASP ZAP DOT NET API
17 |
18 |
19 |
20 |
21 |
22 |
23 |
--------------------------------------------------------------------------------
/redistributables/NugetPackaging/buildnugetpackage.bat:
--------------------------------------------------------------------------------
1 | nuget.exe pack OWASPZAPDotNetAPI.nuspec
2 |
--------------------------------------------------------------------------------
/redistributables/NugetPackaging/lib/OWASPZAPDotNetAPI.dll:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zaproxy/zap-api-dotnet/a1992309448a22fe98faaf084e17a35e7086ad11/redistributables/NugetPackaging/lib/OWASPZAPDotNetAPI.dll
--------------------------------------------------------------------------------
/redistributables/NugetPackaging/nuget.exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zaproxy/zap-api-dotnet/a1992309448a22fe98faaf084e17a35e7086ad11/redistributables/NugetPackaging/nuget.exe
--------------------------------------------------------------------------------
/redistributables/OWASPZAPDotNetAPI.dll:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zaproxy/zap-api-dotnet/a1992309448a22fe98faaf084e17a35e7086ad11/redistributables/OWASPZAPDotNetAPI.dll
--------------------------------------------------------------------------------
/src/OWASPZAPDotNetAPI/.gitignore:
--------------------------------------------------------------------------------
1 | ## Ignore Visual Studio temporary files, build results, and
2 | ## files generated by popular Visual Studio add-ons.
3 |
4 | ###################
5 | # compiled source #
6 | ###################
7 | *.com
8 | *.class
9 | *.dll
10 | *.exe
11 | *.pdb
12 | *.dll.config
13 | *.cache
14 | *.suo
15 | # Include dlls if they’re in the NuGet packages directory
16 | !/packages/*/lib/*.dll
17 | # Include dlls if they're in the CommonReferences directory
18 | !*CommonReferences/*.dll
19 | ####################
20 | # VS Upgrade stuff #
21 | ####################
22 | _UpgradeReport_Files/
23 | ###############
24 | # Directories #
25 | ###############
26 | bin/
27 | obj/
28 | TestResults/
29 | ###################
30 | # Web publish log #
31 | ###################
32 | *.Publish.xml
33 | #############
34 | # Resharper #
35 | #############
36 | /_ReSharper.*
37 | *.ReSharper.*
38 | ############
39 | # Packages #
40 | ############
41 | # it’s better to unpack these files and commit the raw source
42 | # git has its own built in compression methods
43 | *.7z
44 | *.dmg
45 | *.gz
46 | *.iso
47 | *.jar
48 | *.rar
49 | *.tar
50 | *.zip
51 | ######################
52 | # Logs and databases #
53 | ######################
54 | *.log
55 | *.sqlite
56 | # OS generated files #
57 | ######################
58 | .DS_Store?
59 | ehthumbs.db
60 | Icon?
61 | Thumbs.db
62 |
63 |
64 | # User-specific files
65 | *.user
66 | *.userosscache
67 | *.sln.docstates
68 |
69 | # User-specific files (MonoDevelop/Xamarin Studio)
70 | *.userprefs
71 |
72 | # Build results
73 | [Dd]ebug/
74 | [Dd]ebugPublic/
75 | [Rr]elease/
76 | [Rr]eleases/
77 | x64/
78 | x86/
79 | build/
80 | bld/
81 | [Bb]in/
82 | [Oo]bj/
83 |
84 | # Visual Studo 2015 cache/options directory
85 | .vs/
86 |
87 | # MSTest test Results
88 | [Tt]est[Rr]esult*/
89 | [Bb]uild[Ll]og.*
90 |
91 | # NUNIT
92 | *.VisualState.xml
93 | TestResult.xml
94 |
95 | # Build Results of an ATL Project
96 | [Dd]ebugPS/
97 | [Rr]eleasePS/
98 | dlldata.c
99 |
100 | # DNX
101 | project.lock.json
102 | artifacts/
103 |
104 | *_i.c
105 | *_p.c
106 | *_i.h
107 | *.ilk
108 | *.meta
109 | *.obj
110 | *.pch
111 | *.pgc
112 | *.pgd
113 | *.rsp
114 | *.sbr
115 | *.tlb
116 | *.tli
117 | *.tlh
118 | *.tmp
119 | *.tmp_proj
120 | *.vspscc
121 | *.vssscc
122 | .builds
123 | *.pidb
124 | *.svclog
125 | *.scc
126 |
127 | # Chutzpah Test files
128 | _Chutzpah*
129 |
130 | # Visual C++ cache files
131 | ipch/
132 | *.aps
133 | *.ncb
134 | *.opensdf
135 | *.sdf
136 | *.cachefile
137 |
138 | # Visual Studio profiler
139 | *.psess
140 | *.vsp
141 | *.vspx
142 |
143 | # TFS 2012 Local Workspace
144 | $tf/
145 |
146 | # Guidance Automation Toolkit
147 | *.gpState
148 |
149 | # ReSharper is a .NET coding add-in
150 | _ReSharper*/
151 | *.[Rr]e[Ss]harper
152 | *.DotSettings.user
153 |
154 | # JustCode is a .NET coding add-in
155 | .JustCode
156 |
157 | # TeamCity is a build add-in
158 | _TeamCity*
159 |
160 | # DotCover is a Code Coverage Tool
161 | *.dotCover
162 |
163 | # NCrunch
164 | _NCrunch_*
165 | .*crunch*.local.xml
166 |
167 | # MightyMoose
168 | *.mm.*
169 | AutoTest.Net/
170 |
171 | # Web workbench (sass)
172 | .sass-cache/
173 |
174 | # Installshield output folder
175 | [Ee]xpress/
176 |
177 | # DocProject is a documentation generator add-in
178 | DocProject/buildhelp/
179 | DocProject/Help/*.HxT
180 | DocProject/Help/*.HxC
181 | DocProject/Help/*.hhc
182 | DocProject/Help/*.hhk
183 | DocProject/Help/*.hhp
184 | DocProject/Help/Html2
185 | DocProject/Help/html
186 |
187 | # Click-Once directory
188 | publish/
189 |
190 | # Publish Web Output
191 | *.[Pp]ublish.xml
192 | *.azurePubxml
193 | # TODO: Comment the next line if you want to checkin your web deploy settings
194 | # but database connection strings (with potential passwords) will be unencrypted
195 | *.pubxml
196 | *.publishproj
197 |
198 | # NuGet Packages
199 | #*.nupkg
200 | # The packages folder can be ignored because of Package Restore
201 | **/packages/*
202 | # except build/, which is used as an MSBuild target.
203 | !**/packages/build/
204 | # Uncomment if necessary however generally it will be regenerated when needed
205 | #!**/packages/repositories.config
206 |
207 | # Windows Azure Build Output
208 | csx/
209 | *.build.csdef
210 |
211 | # Windows Store app package directory
212 | AppPackages/
213 |
214 | # Visual Studio cache files
215 | # files ending in .cache can be ignored
216 | *.[Cc]ache
217 | # but keep track of directories ending in .cache
218 | !*.[Cc]ache/
219 |
220 | # Others
221 | ClientBin/
222 | [Ss]tyle[Cc]op.*
223 | ~$*
224 | *~
225 | *.dbmdl
226 | *.dbproj.schemaview
227 | *.pfx
228 | *.publishsettings
229 | node_modules/
230 | bower_components/
231 | orleans.codegen.cs
232 |
233 | # RIA/Silverlight projects
234 | Generated_Code/
235 |
236 | # Backup & report files from converting an old project file
237 | # to a newer Visual Studio version. Backup files are not needed,
238 | # because we have git ;-)
239 | _UpgradeReport_Files/
240 | Backup*/
241 | UpgradeLog*.XML
242 | UpgradeLog*.htm
243 |
244 | # SQL Server files
245 | *.mdf
246 | *.ldf
247 |
248 | # Business Intelligence projects
249 | *.rdl.data
250 | *.bim.layout
251 | *.bim_*.settings
252 |
253 | # Microsoft Fakes
254 | FakesAssemblies/
255 |
256 | # Node.js Tools for Visual Studio
257 | .ntvs_analysis.dat
258 |
259 | # Visual Studio 6 build log
260 | *.plg
261 |
262 | # Visual Studio 6 workspace options file
263 | *.opt
--------------------------------------------------------------------------------
/src/OWASPZAPDotNetAPI/NugetPackaging/OWASPZAPDotNetAPI.2.12.0.nupkg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zaproxy/zap-api-dotnet/a1992309448a22fe98faaf084e17a35e7086ad11/src/OWASPZAPDotNetAPI/NugetPackaging/OWASPZAPDotNetAPI.2.12.0.nupkg
--------------------------------------------------------------------------------
/src/OWASPZAPDotNetAPI/NugetPackaging/OWASPZAPDotNetAPI.nuspec:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | OWASPZAPDotNetAPI
5 | 2.12.0
6 | https://renouncedthoughts.wordpress.com/
7 | https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project
8 | http://www.apache.org/licenses/LICENSE-2.0
9 | https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project
10 | https://raw.githubusercontent.com/zaproxy/zaproxy/master/zap/src/main/resources/resource/zap128x128.png
11 | false
12 | OWASP ZAP Dot Net API
13 | The Dot Net API for OWASP ZAP allows you to access the OWASP Zed Attack Proxy's functionality programmatically to enable automated vulnerability analysis for web applications
14 | 2.12.0 compatible with OWASP ZAP 2.12.0 stable release.
15 | Copyright 2023
16 | OWASP ZAP DOT NET API
17 |
18 |
19 |
20 |
21 |
22 |
23 |
--------------------------------------------------------------------------------
/src/OWASPZAPDotNetAPI/NugetPackaging/buildnugetpackage.bat:
--------------------------------------------------------------------------------
1 | nuget.exe pack OWASPZAPDotNetAPI.nuspec
2 |
--------------------------------------------------------------------------------
/src/OWASPZAPDotNetAPI/NugetPackaging/lib/OWASPZAPDotNetAPI.dll:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zaproxy/zap-api-dotnet/a1992309448a22fe98faaf084e17a35e7086ad11/src/OWASPZAPDotNetAPI/NugetPackaging/lib/OWASPZAPDotNetAPI.dll
--------------------------------------------------------------------------------
/src/OWASPZAPDotNetAPI/NugetPackaging/nuget.exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zaproxy/zap-api-dotnet/a1992309448a22fe98faaf084e17a35e7086ad11/src/OWASPZAPDotNetAPI/NugetPackaging/nuget.exe
--------------------------------------------------------------------------------
/src/OWASPZAPDotNetAPI/OWASPZAPDotNetAPI.Samples/App.config:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
--------------------------------------------------------------------------------
/src/OWASPZAPDotNetAPI/OWASPZAPDotNetAPI.Samples/OWASPZAPDotNetAPI.Samples.csproj:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Debug
6 | AnyCPU
7 | {7B059393-0292-43BF-AE1C-D2DB4336453C}
8 | Exe
9 | Properties
10 | OWASPZAPDotNetAPI.Samples
11 | OWASPZAPDotNetAPI.Samples
12 | v4.8
13 | 512
14 | publish\
15 | true
16 | Disk
17 | false
18 | Foreground
19 | 7
20 | Days
21 | false
22 | false
23 | true
24 | 0
25 | 1.0.0.%2a
26 | false
27 | false
28 | true
29 |
30 |
31 |
32 | AnyCPU
33 | true
34 | full
35 | false
36 | bin\Debug\
37 | DEBUG;TRACE
38 | prompt
39 | 4
40 |
41 |
42 | AnyCPU
43 | pdbonly
44 | true
45 | bin\Release\
46 | TRACE
47 | prompt
48 | 4
49 |
50 |
51 |
52 |
53 |
54 |
55 |
56 |
57 |
58 |
59 |
60 |
61 |
62 |
63 |
64 |
65 |
66 |
67 |
68 |
69 |
70 |
71 | {112707db-10a3-40c9-bff2-172c2a9e82eb}
72 | OWASPZAPDotNetAPI
73 |
74 |
75 |
76 |
77 | False
78 | Microsoft .NET Framework 4.5 %28x86 and x64%29
79 | true
80 |
81 |
82 | False
83 | .NET Framework 3.5 SP1 Client Profile
84 | false
85 |
86 |
87 | False
88 | .NET Framework 3.5 SP1
89 | false
90 |
91 |
92 |
93 |
100 |
--------------------------------------------------------------------------------
/src/OWASPZAPDotNetAPI/OWASPZAPDotNetAPI.Samples/Program.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Collections.Generic;
3 | using System.Linq;
4 | using System.Net;
5 | using System.Text;
6 | using System.Threading.Tasks;
7 |
8 | namespace OWASPZAPDotNetAPI.Samples
9 | {
10 | class Program
11 | {
12 | static void Main(string[] args)
13 | {
14 | ConfigureTLSSettingsForDotNet45();
15 | ZAP.StartZapUI();
16 | //ZAP.StartZAPDaemon();
17 | //SimplePointAndClickScan.Go();
18 | AuthenticatedScanWithFormsAuthentication.Go();
19 | }
20 |
21 | private static void ConfigureTLSSettingsForDotNet45()
22 | {
23 | ServicePointManager.Expect100Continue = true;
24 | ServicePointManager.SecurityProtocol |= SecurityProtocolType.Tls
25 | | SecurityProtocolType.Tls11
26 | | SecurityProtocolType.Tls12
27 | | SecurityProtocolType.Ssl3;
28 | }
29 | }
30 | }
31 |
--------------------------------------------------------------------------------
/src/OWASPZAPDotNetAPI/OWASPZAPDotNetAPI.Samples/Properties/AssemblyInfo.cs:
--------------------------------------------------------------------------------
1 | using System.Reflection;
2 | using System.Runtime.CompilerServices;
3 | using System.Runtime.InteropServices;
4 |
5 | // General Information about an assembly is controlled through the following
6 | // set of attributes. Change these attribute values to modify the information
7 | // associated with an assembly.
8 | [assembly: AssemblyTitle("OWASPZAPDotNetAPI.Samples")]
9 | [assembly: AssemblyDescription("")]
10 | [assembly: AssemblyConfiguration("")]
11 | [assembly: AssemblyCompany("OWASP")]
12 | [assembly: AssemblyProduct("OWASPZAPDotNetAPI.Samples")]
13 | [assembly: AssemblyCopyright("Copyright © 2017")]
14 | [assembly: AssemblyTrademark("")]
15 | [assembly: AssemblyCulture("")]
16 |
17 | // Setting ComVisible to false makes the types in this assembly not visible
18 | // to COM components. If you need to access a type in this assembly from
19 | // COM, set the ComVisible attribute to true on that type.
20 | [assembly: ComVisible(false)]
21 |
22 | // The following GUID is for the ID of the typelib if this project is exposed to COM
23 | [assembly: Guid("1ce8dc5c-4ed5-46b2-a583-ff1310d7fd3c")]
24 |
25 | // Version information for an assembly consists of the following four values:
26 | //
27 | // Major Version
28 | // Minor Version
29 | // Build Number
30 | // Revision
31 | //
32 | // You can specify all the values or you can default the Build and Revision Numbers
33 | // by using the '*' as shown below:
34 | // [assembly: AssemblyVersion("1.0.*")]
35 | [assembly: AssemblyVersion("2.8.0.0")]
36 | [assembly: AssemblyFileVersion("2.8.0.0")]
37 |
--------------------------------------------------------------------------------
/src/OWASPZAPDotNetAPI/OWASPZAPDotNetAPI.Samples/SimplePointAndClickScan.cs:
--------------------------------------------------------------------------------
1 | using OWASPZAPDotNetAPI;
2 | using System;
3 | using System.Collections.Generic;
4 | using System.IO;
5 | using System.Linq;
6 | using System.Text;
7 | using System.Threading;
8 | using System.Threading.Tasks;
9 |
10 | namespace OWASPZAPDotNetAPI.Samples
11 | {
12 | class SimplePointAndClickScan
13 | {
14 | private static string _target = "https://neverwind.azurewebsites.net/";
15 | private static string _apikey = "on6qbod07ssf92587pme6rd5u8";
16 | private static ClientApi _api = new ClientApi("127.0.0.1", 7070, _apikey);
17 | private static IApiResponse _apiResponse;
18 |
19 | public static void Go()
20 | {
21 | string spiderScanId = StartSpidering();
22 | PollTheSpiderTillCompletion(spiderScanId);
23 |
24 | StartAjaxSpidering();
25 | PollTheAjaxSpiderTillCompletion();
26 |
27 | string activeScanId = StartActiveScanning();
28 | PollTheActiveScannerTillCompletion(activeScanId);
29 |
30 | string reportFileName = string.Format("report-{0}", DateTime.Now.ToString("dd-MMM-yyyy-hh-mm-ss"));
31 | WriteXmlReport(reportFileName);
32 | WriteHtmlReport(reportFileName);
33 | PrintAlertsToConsole();
34 |
35 | ShutdownZAP();
36 | }
37 |
38 | private static void ShutdownZAP()
39 | {
40 | _apiResponse = _api.core.shutdown();
41 | if ("OK" == ((ApiResponseElement)_apiResponse).Value)
42 | Console.WriteLine("ZAP shutdown success " + _target);
43 | }
44 |
45 | private static void PrintAlertsToConsole()
46 | {
47 | List alerts = _api.GetAlerts(_target, 0, 0, string.Empty);
48 | foreach (var alert in alerts)
49 | {
50 | Console.WriteLine(alert.AlertMessage
51 | + Environment.NewLine
52 | + alert.CWEId
53 | + Environment.NewLine
54 | + alert.Url
55 | + Environment.NewLine
56 | + alert.WASCId
57 | + Environment.NewLine
58 | + alert.Evidence
59 | + Environment.NewLine
60 | + alert.Parameter
61 | + Environment.NewLine
62 | );
63 | }
64 | }
65 |
66 | private static void WriteHtmlReport(string reportFileName)
67 | {
68 | File.WriteAllBytes(reportFileName + ".html", _api.core.htmlreport());
69 | }
70 |
71 | private static void WriteXmlReport(string reportFileName)
72 | {
73 | File.WriteAllBytes(reportFileName + ".xml", _api.core.xmlreport());
74 | }
75 |
76 | private static void PollTheActiveScannerTillCompletion(string activeScanId)
77 | {
78 | int activeScannerprogress;
79 | while (true)
80 | {
81 | Sleep(5000);
82 | activeScannerprogress = int.Parse(((ApiResponseElement)_api.ascan.status(activeScanId)).Value);
83 | Console.WriteLine("Active scanner progress: {0}%", activeScannerprogress);
84 | if (activeScannerprogress >= 100)
85 | break;
86 | }
87 | Console.WriteLine("Active scanner complete");
88 | }
89 |
90 | private static string StartActiveScanning()
91 | {
92 | Console.WriteLine("Active Scanner: " + _target);
93 | _apiResponse = _api.ascan.scan(_target, "", "", "", "", "", "");
94 |
95 | string activeScanId = ((ApiResponseElement)_apiResponse).Value;
96 | return activeScanId;
97 | }
98 |
99 | private static void PollTheAjaxSpiderTillCompletion()
100 | {
101 | while (true)
102 | {
103 | Sleep(1000);
104 | string ajaxSpiderStatusText = string.Empty;
105 | ajaxSpiderStatusText = Convert.ToString(((ApiResponseElement)_api.ajaxspider.status()).Value);
106 | if (ajaxSpiderStatusText.IndexOf("running", StringComparison.InvariantCultureIgnoreCase) > -1)
107 | Console.WriteLine("Ajax Spider running");
108 | else
109 | break;
110 | }
111 |
112 | Console.WriteLine("Ajax Spider complete");
113 | Sleep(10000);
114 | }
115 |
116 | private static void StartAjaxSpidering()
117 | {
118 | Console.WriteLine("Ajax Spider: " + _target);
119 | _apiResponse = _api.ajaxspider.scan(_target, "", "", "");
120 |
121 | if ("OK" == ((ApiResponseElement)_apiResponse).Value)
122 | Console.WriteLine("Ajax Spider started for " + _target);
123 | }
124 |
125 | private static void PollTheSpiderTillCompletion(string scanid)
126 | {
127 | int spiderProgress;
128 | while (true)
129 | {
130 | Sleep(1000);
131 | spiderProgress = int.Parse(((ApiResponseElement)_api.spider.status(scanid)).Value);
132 | Console.WriteLine("Spider progress: {0}%", spiderProgress);
133 | if (spiderProgress >= 100)
134 | break;
135 | }
136 |
137 | Console.WriteLine("Spider complete");
138 | Sleep(10000);
139 | }
140 |
141 | private static string StartSpidering()
142 | {
143 | Console.WriteLine("Spider: " + _target);
144 | _apiResponse = _api.spider.scan(_target, "", "", "", "");
145 | string scanid = ((ApiResponseElement)_apiResponse).Value;
146 | return scanid;
147 | }
148 |
149 | private static void LoadTargetUrlToSitesTree()
150 | {
151 | _api.AccessUrl(_target);
152 | }
153 |
154 | private static void Sleep(int milliseconds)
155 | {
156 | do
157 | {
158 | Thread.Sleep(milliseconds);
159 | Console.WriteLine("...zz" + Environment.NewLine);
160 | milliseconds = milliseconds - 2000;
161 | } while (milliseconds > 2000);
162 | }
163 | }
164 | }
165 |
--------------------------------------------------------------------------------
/src/OWASPZAPDotNetAPI/OWASPZAPDotNetAPI.Samples/ZAP.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Collections.Generic;
3 | using System.Diagnostics;
4 | using System.Linq;
5 | using System.Net;
6 | using System.Text;
7 | using System.Threading;
8 | using System.Threading.Tasks;
9 |
10 | namespace OWASPZAPDotNetAPI.Samples
11 | {
12 | ///
13 | /// Samples to start the OWASP Zed Attack Proxy
14 | /// Refer to the command line options at https://github.com/zaproxy/zap-core-help/wiki/HelpCmdline
15 | ///
16 | public static class ZAP
17 | {
18 | public static void StartZapUI()
19 | {
20 | Console.WriteLine("Trying to StartZapUI");
21 | ProcessStartInfo zapProcessStartInfo = new ProcessStartInfo();
22 | zapProcessStartInfo.FileName = @"C:\Program Files\OWASP\Zed Attack Proxy\ZAP.exe";
23 | zapProcessStartInfo.WorkingDirectory = @"C:\Program Files\OWASP\Zed Attack Proxy";
24 | zapProcessStartInfo.Arguments = "-host 127.0.0.1 -port 7070";
25 |
26 | Console.WriteLine(zapProcessStartInfo.ToString());
27 | Console.WriteLine("Issuing command to StartZapUI");
28 | Process zap = Process.Start(zapProcessStartInfo);
29 |
30 | //Sleep(120000);
31 | CheckIfZAPHasStartedByPollingTheAPI(2);
32 | }
33 |
34 | public static void StartZAPDaemon()
35 | {
36 | Console.WriteLine("Trying to StartZAPDaemon");
37 | ProcessStartInfo zapProcessStartInfo = new ProcessStartInfo();
38 | zapProcessStartInfo.FileName = @"C:\Program Files (x86)\OWASP\Zed Attack Proxy\ZAP.exe";
39 | zapProcessStartInfo.WorkingDirectory = @"C:\Program Files (x86)\OWASP\Zed Attack Proxy";
40 | zapProcessStartInfo.Arguments = "-daemon -host 127.0.0.1 -port 7070";
41 |
42 | Console.WriteLine("Issuing command to StartZAPDaemon");
43 | Console.WriteLine(zapProcessStartInfo.ToString());
44 | Process zap = Process.Start(zapProcessStartInfo);
45 |
46 | //Sleep(120000);
47 | CheckIfZAPHasStartedByPollingTheAPI(2);
48 | }
49 |
50 | private static void Sleep(int sleepTime)
51 | {
52 | Console.WriteLine("Sleeping for {0} minutes", sleepTime / 1000);
53 | Thread.Sleep(sleepTime);
54 | }
55 |
56 | public static void CheckIfZAPHasStartedByPollingTheAPI(int minutesToWait)
57 | {
58 | WebClient webClient = new WebClient();
59 | Stopwatch watch = new Stopwatch();
60 | watch.Start();
61 | int millisecondsToWait = minutesToWait * 60 * 1000;
62 | string zapUrlToDownload = "http://127.0.0.1:7070";
63 |
64 | while (millisecondsToWait > watch.ElapsedMilliseconds)
65 | {
66 | try
67 | {
68 | Console.WriteLine("Trying to check if ZAP has started by accessing the ZAP API at {0}", zapUrlToDownload);
69 | string responseString = webClient.DownloadString(zapUrlToDownload);
70 | Console.WriteLine(Environment.NewLine + responseString + Environment.NewLine);
71 | Console.WriteLine("Obtained a response from the ZAP API at {0} {1}Hence assuming that ZAP started successfully", zapUrlToDownload, Environment.NewLine);
72 | return;
73 | }
74 | catch (WebException webException)
75 | {
76 | Console.WriteLine("Seems like ZAP did not start yet");
77 | Console.WriteLine(webException.Message + Environment.NewLine);
78 | Console.WriteLine("Sleeping for 2 seconds");
79 | Thread.Sleep(2000);
80 | }
81 | }
82 |
83 | throw new Exception(string.Format("Waited for {0} minute(s), however could not access the API successfully, hence could not verify if ZAP started successfully or not", minutesToWait));
84 | }
85 |
86 | }
87 | }
88 |
--------------------------------------------------------------------------------
/src/OWASPZAPDotNetAPI/OWASPZAPDotNetAPI.Tests/ClientApiTests.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using Microsoft.VisualStudio.TestTools.UnitTesting;
3 | using System.Collections.Generic;
4 |
5 | namespace OWASPZAPDotNetAPI.Tests
6 | {
7 | [TestClass]
8 | public class ClientApiTests
9 | {
10 | private ClientApi zap;
11 |
12 | [TestInitialize]
13 | public void InstantiateClientApi()
14 | {
15 | zap = new ClientApi("127.0.0.1", 7070, "on6qbod07ssf92587pme6rd5u8");
16 | }
17 |
18 | [TestCleanup]
19 | public void DisposeClientApi()
20 | {
21 | zap.Dispose();
22 | }
23 |
24 | [TestMethod]
25 | public void When_CallApi_Is_Called_IApiResponse_IsReturned()
26 | {
27 | var response = zap.CallApi("authentication", "view", "getSupportedAuthenticationMethods", null);
28 | Assert.IsInstanceOfType(response, typeof(IApiResponse));
29 | }
30 |
31 | [TestMethod]
32 | public void When_CallApi_getSupportedAuthenticationMethods_Is_Called_ApiResponseList_IsReturned()
33 | {
34 | var response = zap.CallApi("authentication", "view", "getSupportedAuthenticationMethods", null);
35 | Assert.IsInstanceOfType(response, typeof(ApiResponseList));
36 | }
37 |
38 | [TestMethod]
39 | public void When_CallApi_getSupportedAuthenticationMethods_Is_Called_ApiResponseList_With_formBasedAuthentication_IsReturned()
40 | {
41 | var response = zap.CallApi("authentication", "view", "getSupportedAuthenticationMethods", null);
42 | bool formBasedAuthenticationFound = false;
43 | ApiResponseList apiResponseList = (ApiResponseList)response;
44 | foreach (var item in apiResponseList.List)
45 | {
46 | var apiResponseElement = (ApiResponseElement)item;
47 | if (apiResponseElement.Value == "formBasedAuthentication")
48 | {
49 | formBasedAuthenticationFound = true;
50 | break;
51 | }
52 | }
53 | Assert.IsTrue(formBasedAuthenticationFound);
54 | }
55 |
56 | [TestMethod]
57 | public void When_CallApi_alerts_Is_Called_ApiResponseList_Is_Returned()
58 | {
59 | var response = zap.CallApi("core", "view", "alerts", null);
60 | ApiResponseList apiResponseList = (ApiResponseList)response;
61 | Assert.IsInstanceOfType(response, typeof(ApiResponseList));
62 | }
63 |
64 | [TestMethod]
65 | public void When_CallApi_scanners_Is_Called_ApiResponseList_WithApiResponseSet_IsReturned()
66 | {
67 | var response = zap.CallApi("pscan", "view", "scanners", null);
68 | Assert.IsInstanceOfType(response, typeof(ApiResponseList));
69 | Assert.IsInstanceOfType(((ApiResponseList)response).List[0], typeof(ApiResponseSet));
70 | }
71 |
72 | [TestMethod]
73 | [ExpectedException(typeof(Exception))]
74 | public void When_CallApi_authentication_With_NonExistantMethod_Is_Called_Exception_Thrown()
75 | {
76 | try
77 | {
78 | IApiResponse response = zap.CallApi("authentication", "view", "aaaa", null);
79 |
80 | }
81 | catch (Exception ex)
82 | {
83 | StringAssert.Contains(ex.Message, "bad_view");
84 | throw;
85 | }
86 | }
87 |
88 | [TestMethod]
89 | [ExpectedException(typeof(Exception))]
90 | public void When_Api_getForcedUser_With_NonExistantContext_Is_Called_Exception_Thrown()
91 | {
92 | try
93 | {
94 | IApiResponse response = zap.forcedUser.getForcedUser("-1");
95 |
96 | }
97 | catch (Exception ex)
98 | {
99 | StringAssert.Contains(ex.Message, "context_not_found");
100 | throw;
101 | }
102 | }
103 |
104 | [TestMethod]
105 | [ExpectedException(typeof(Exception))]
106 | public void When_Api_setMode_With_NonAllowedValue_Is_Called_Exception_Thrown()
107 | {
108 | try
109 | {
110 | IApiResponse response = zap.core.setMode("ModeThatDoentExist");
111 | }
112 | catch (Exception ex)
113 | {
114 | StringAssert.Contains(ex.Message, "illegal_parameter");
115 | throw;
116 | }
117 | }
118 |
119 | [TestMethod]
120 | public void When_Api_setMode_With_Standard_Is_Called_ApiResponse_OK_Is_Returned()
121 | {
122 | IApiResponse response = zap.core.setMode("Standard");
123 | Assert.AreEqual("OK", ((ApiResponseElement)response).Value);
124 | }
125 |
126 | [TestMethod]
127 | public void When_Api_stopAllScans_Is_Called_ApiResponse_OK_Is_Returned()
128 | {
129 | IApiResponse response = zap.spider.stopAllScans();
130 | Assert.AreEqual("OK", ((ApiResponseElement)response).Value);
131 | }
132 | }
133 | }
134 |
--------------------------------------------------------------------------------
/src/OWASPZAPDotNetAPI/OWASPZAPDotNetAPI.Tests/OWASPZAPDotNetAPI.Tests.csproj:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | Debug
5 | AnyCPU
6 | {42F7EF4A-2091-40EC-B63C-694BC4AC3444}
7 | Library
8 | Properties
9 | OWASPZAPDotNetAPI.Tests
10 | OWASPZAPDotNetAPI.Tests
11 | v4.8
12 | 512
13 | {3AC096D0-A1C2-E12C-1390-A8335801FDAB};{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}
14 | 10.0
15 | $(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v$(VisualStudioVersion)
16 | $(ProgramFiles)\Common Files\microsoft shared\VSTT\$(VisualStudioVersion)\UITestExtensionPackages
17 | False
18 | UnitTest
19 |
20 |
21 |
22 | true
23 | full
24 | false
25 | bin\Debug\
26 | DEBUG;TRACE
27 | prompt
28 | 4
29 |
30 |
31 | pdbonly
32 | true
33 | bin\Release\
34 | TRACE
35 | prompt
36 | 4
37 |
38 |
39 |
40 |
41 |
42 |
43 |
44 |
45 |
46 |
47 |
48 |
49 |
50 |
51 |
52 |
53 |
54 |
55 |
56 |
57 |
58 |
59 | {112707db-10a3-40c9-bff2-172c2a9e82eb}
60 | OWASPZAPDotNetAPI
61 |
62 |
63 |
64 |
65 |
66 |
67 | False
68 |
69 |
70 | False
71 |
72 |
73 | False
74 |
75 |
76 | False
77 |
78 |
79 |
80 |
81 |
82 |
83 |
90 |
--------------------------------------------------------------------------------
/src/OWASPZAPDotNetAPI/OWASPZAPDotNetAPI.Tests/Properties/AssemblyInfo.cs:
--------------------------------------------------------------------------------
1 | using System.Reflection;
2 | using System.Runtime.CompilerServices;
3 | using System.Runtime.InteropServices;
4 |
5 | // General Information about an assembly is controlled through the following
6 | // set of attributes. Change these attribute values to modify the information
7 | // associated with an assembly.
8 | [assembly: AssemblyTitle("OWASPZAPDotNetAPI.Tests")]
9 | [assembly: AssemblyDescription("")]
10 | [assembly: AssemblyConfiguration("")]
11 | [assembly: AssemblyCompany("OWASP")]
12 | [assembly: AssemblyProduct("OWASPZAPDotNetAPI.Tests")]
13 | [assembly: AssemblyCopyright("Copyright © 2017")]
14 | [assembly: AssemblyTrademark("")]
15 | [assembly: AssemblyCulture("")]
16 |
17 | // Setting ComVisible to false makes the types in this assembly not visible
18 | // to COM components. If you need to access a type in this assembly from
19 | // COM, set the ComVisible attribute to true on that type.
20 | [assembly: ComVisible(false)]
21 |
22 | // The following GUID is for the ID of the typelib if this project is exposed to COM
23 | [assembly: Guid("d02c20a1-6728-4ca2-b797-60195e186352")]
24 |
25 | // Version information for an assembly consists of the following four values:
26 | //
27 | // Major Version
28 | // Minor Version
29 | // Build Number
30 | // Revision
31 | //
32 | // You can specify all the values or you can default the Build and Revision Numbers
33 | // by using the '*' as shown below:
34 | // [assembly: AssemblyVersion("1.0.*")]
35 | [assembly: AssemblyVersion("2.8.0.0")]
36 | [assembly: AssemblyFileVersion("2.8.0.0")]
37 |
--------------------------------------------------------------------------------
/src/OWASPZAPDotNetAPI/OWASPZAPDotNetAPI.sln:
--------------------------------------------------------------------------------
1 |
2 | Microsoft Visual Studio Solution File, Format Version 12.00
3 | # Visual Studio 2012
4 | Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "OWASPZAPDotNetAPI", "OWASPZAPDotNetAPI\OWASPZAPDotNetAPI.csproj", "{112707DB-10A3-40C9-BFF2-172C2A9E82EB}"
5 | EndProject
6 | Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "OWASPZAPDotNetAPI.Tests", "OWASPZAPDotNetAPI.Tests\OWASPZAPDotNetAPI.Tests.csproj", "{42F7EF4A-2091-40EC-B63C-694BC4AC3444}"
7 | EndProject
8 | Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "OWASPZAPDotNetAPI.Samples", "OWASPZAPDotNetAPI.Samples\OWASPZAPDotNetAPI.Samples.csproj", "{7B059393-0292-43BF-AE1C-D2DB4336453C}"
9 | EndProject
10 | Global
11 | GlobalSection(SolutionConfigurationPlatforms) = preSolution
12 | Debug|Any CPU = Debug|Any CPU
13 | Release|Any CPU = Release|Any CPU
14 | EndGlobalSection
15 | GlobalSection(ProjectConfigurationPlatforms) = postSolution
16 | {112707DB-10A3-40C9-BFF2-172C2A9E82EB}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
17 | {112707DB-10A3-40C9-BFF2-172C2A9E82EB}.Debug|Any CPU.Build.0 = Debug|Any CPU
18 | {112707DB-10A3-40C9-BFF2-172C2A9E82EB}.Release|Any CPU.ActiveCfg = Release|Any CPU
19 | {112707DB-10A3-40C9-BFF2-172C2A9E82EB}.Release|Any CPU.Build.0 = Release|Any CPU
20 | {42F7EF4A-2091-40EC-B63C-694BC4AC3444}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
21 | {42F7EF4A-2091-40EC-B63C-694BC4AC3444}.Debug|Any CPU.Build.0 = Debug|Any CPU
22 | {42F7EF4A-2091-40EC-B63C-694BC4AC3444}.Release|Any CPU.ActiveCfg = Release|Any CPU
23 | {42F7EF4A-2091-40EC-B63C-694BC4AC3444}.Release|Any CPU.Build.0 = Release|Any CPU
24 | {7B059393-0292-43BF-AE1C-D2DB4336453C}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
25 | {7B059393-0292-43BF-AE1C-D2DB4336453C}.Debug|Any CPU.Build.0 = Debug|Any CPU
26 | {7B059393-0292-43BF-AE1C-D2DB4336453C}.Release|Any CPU.ActiveCfg = Release|Any CPU
27 | {7B059393-0292-43BF-AE1C-D2DB4336453C}.Release|Any CPU.Build.0 = Release|Any CPU
28 | EndGlobalSection
29 | GlobalSection(SolutionProperties) = preSolution
30 | HideSolutionNode = FALSE
31 | EndGlobalSection
32 | EndGlobal
33 |
--------------------------------------------------------------------------------
/src/OWASPZAPDotNetAPI/OWASPZAPDotNetAPI/Alerts.cs:
--------------------------------------------------------------------------------
1 | /* Zed Attack Proxy (ZAP) and its related class files.
2 | *
3 | * ZAP is an HTTP/HTTPS proxy for assessing web application security.
4 | *
5 | * Copyright the ZAP development team
6 | *
7 | * Licensed under the Apache License, Version 2.0 (the "License");
8 | * you may not use this file except in compliance with the License.
9 | * You may obtain a copy of the License at
10 | *
11 | * http://www.apache.org/licenses/LICENSE-2.0
12 | *
13 | * Unless required by applicable law or agreed to in writing, software
14 | * distributed under the License is distributed on an "AS IS" BASIS,
15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 | * See the License for the specific language governing permissions and
17 | * limitations under the License.
18 | */
19 |
20 |
21 | using System;
22 | using System.Collections.Generic;
23 | using System.Linq;
24 | using System.Text;
25 | using System.Threading.Tasks;
26 |
27 | namespace OWASPZAPDotNetAPI
28 | {
29 | public class Alert
30 | {
31 | public enum RiskLevel {Informational, Low, Medium, High}
32 | [Obsolete("Use of ReliabilityLevel has been deprecated from 2.4.0 in favour of using ConfidenceLevel.")]
33 | public enum ReliabilityLevel { Suspicious, Warning}
34 | public enum ConfidenceLevel { Low, Medium, High, Confirmed }
35 | public string AlertMessage { get; set; }
36 | public RiskLevel Risk { get; set; }
37 | [Obsolete("Use of Reliability has been deprecated from 2.4.0 in favour of using Confidence.")]
38 | public ReliabilityLevel Reliability { get; set; }
39 | public ConfidenceLevel Confidence { get; set; }
40 | public string Url { get; set; }
41 | public string Other { get; set; }
42 | public string Parameter { get; set; }
43 | public string Attack { get; set; }
44 | public string Evidence { get; set; }
45 | public string Description { get; set; }
46 | public string Reference { get; set; }
47 | public string Solution { get; set; }
48 | public int CWEId { get; set; }
49 | public int WASCId { get; set; }
50 |
51 | public Alert(string alert, string url)
52 | {
53 | this.AlertMessage = alert;
54 | this.Url = url;
55 | }
56 |
57 | public Alert(string alert, string url, RiskLevel risk, ConfidenceLevel confidence)
58 | :
59 | this(alert, url)
60 | {
61 | this.Risk = risk;
62 | this.Confidence = confidence;
63 | }
64 |
65 | public Alert(string alert, string url, RiskLevel risk, ConfidenceLevel confidence, string parameter, string other)
66 | :
67 | this(alert, url, risk, confidence)
68 | {
69 | this.Other = other;
70 | this.Parameter = parameter;
71 | }
72 |
73 | public Alert(string alert, string url, RiskLevel risk, ConfidenceLevel confidence,
74 | string parameter, string other, string attack, string description, string reference, string solution,
75 | string evidence, int cweId, int wascId)
76 | :
77 | this(alert, url, risk, confidence, parameter, other)
78 | {
79 | this.Attack = attack;
80 | this.Description = description;
81 | this.Reference = reference;
82 | this.Solution = solution;
83 | this.Evidence = evidence;
84 | this.CWEId = cweId;
85 | this.WASCId = wascId;
86 | }
87 |
88 | public override bool Equals(object obj)
89 | {
90 | if (obj == null || GetType() != obj.GetType())
91 | return false;
92 |
93 | Alert alertToCompate = (Alert)obj;
94 |
95 | if (this.AlertMessage == null)
96 | {
97 | if (alertToCompate.AlertMessage != null)
98 | {
99 | return false;
100 | }
101 | }
102 | else if (!this.AlertMessage.Equals(alertToCompate.AlertMessage))
103 | {
104 | return false;
105 | }
106 |
107 | if (!this.Risk.Equals(alertToCompate.Risk))
108 | {
109 | return false;
110 | }
111 |
112 | if (!this.Confidence.Equals(alertToCompate.Confidence))
113 | {
114 | return false;
115 | }
116 |
117 | if (this.Url == null)
118 | {
119 | if (alertToCompate.Url != null)
120 | {
121 | return false;
122 | }
123 | }
124 | else if (!this.Url.Equals(alertToCompate.Url))
125 | {
126 | return false;
127 | }
128 |
129 | if (this.Other == null)
130 | {
131 | if (alertToCompate.Other != null)
132 | {
133 | return false;
134 | }
135 | }
136 | else if (!this.Other.Equals(alertToCompate.Other))
137 | {
138 | return false;
139 | }
140 |
141 | if (this.Parameter == null)
142 | {
143 | if (alertToCompate.Parameter != null)
144 | {
145 | return false;
146 | }
147 | }
148 | else if (!this.Parameter.Equals(alertToCompate.Parameter))
149 | {
150 | return false;
151 | }
152 |
153 | if (this.Attack == null)
154 | {
155 | if (alertToCompate.Attack != null)
156 | {
157 | return false;
158 | }
159 | }
160 | else if (!this.Attack.Equals(alertToCompate.Attack))
161 | {
162 | return false;
163 | }
164 |
165 | if (this.Evidence == null)
166 | {
167 | if (alertToCompate.Evidence != null)
168 | {
169 | return false;
170 | }
171 | }
172 | else if (!this.Evidence.Equals(alertToCompate.Evidence))
173 | {
174 | return false;
175 | }
176 |
177 | if (this.Description == null)
178 | {
179 | if (alertToCompate.Description != null)
180 | {
181 | return false;
182 | }
183 | }
184 | else if (!this.Description.Equals(alertToCompate.Description))
185 | {
186 | return false;
187 | }
188 |
189 | if (this.Reference == null)
190 | {
191 | if (alertToCompate.Reference != null)
192 | {
193 | return false;
194 | }
195 | }
196 | else if (!this.Reference.Equals(alertToCompate.Reference))
197 | {
198 | return false;
199 | }
200 |
201 | if (this.Solution == null)
202 | {
203 | if (alertToCompate.Solution != null)
204 | {
205 | return false;
206 | }
207 | }
208 | else if (!this.Solution.Equals(alertToCompate.Solution))
209 | {
210 | return false;
211 | }
212 |
213 | if (this.CWEId != alertToCompate.CWEId)
214 | {
215 | return false;
216 | }
217 |
218 | if (this.WASCId != alertToCompate.WASCId)
219 | {
220 | return false;
221 | }
222 |
223 | return true;
224 | }
225 |
226 | public override int GetHashCode()
227 | {
228 | unchecked
229 | {
230 | int hash = 17;
231 | hash = hash * 23 + ((AlertMessage == null) ? 0 : AlertMessage.GetHashCode());
232 | hash = hash * 23 + (Risk.GetHashCode());
233 | hash = hash * 23 + (Confidence.GetHashCode());
234 | hash = hash * 23 + ((Url == null) ? 0 : Url.GetHashCode());
235 | hash = hash * 23 + ((Other == null) ? 0 : Other.GetHashCode());
236 | hash = hash * 23 + ((Parameter == null) ? 0 : Parameter.GetHashCode());
237 | hash = hash * 23 + ((Attack == null) ? 0 : Attack.GetHashCode());
238 | hash = hash * 23 + ((Evidence == null) ? 0 : Evidence.GetHashCode());
239 | hash = hash * 23 + ((Description == null) ? 0 : Description.GetHashCode());
240 | hash = hash * 23 + ((Reference == null) ? 0 : Reference.GetHashCode());
241 | hash = hash * 23 + ((Solution == null) ? 0 : Solution.GetHashCode());
242 | hash = hash * 23 + CWEId.GetHashCode();
243 | hash = hash * 23 + WASCId.GetHashCode();
244 | return hash;
245 | }
246 | }
247 |
248 | public override string ToString()
249 | {
250 | return base.ToString();
251 | }
252 | }
253 | }
254 |
--------------------------------------------------------------------------------
/src/OWASPZAPDotNetAPI/OWASPZAPDotNetAPI/ApiResponse.cs:
--------------------------------------------------------------------------------
1 | /* Zed Attack Proxy (ZAP) and its related class files.
2 | *
3 | * ZAP is an HTTP/HTTPS proxy for assessing web application security.
4 | *
5 | * Copyright the ZAP development team
6 | *
7 | * Licensed under the Apache License, Version 2.0 (the "License");
8 | * you may not use this file except in compliance with the License.
9 | * You may obtain a copy of the License at
10 | *
11 | * http://www.apache.org/licenses/LICENSE-2.0
12 | *
13 | * Unless required by applicable law or agreed to in writing, software
14 | * distributed under the License is distributed on an "AS IS" BASIS,
15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 | * See the License for the specific language governing permissions and
17 | * limitations under the License.
18 | */
19 |
20 |
21 | using System;
22 | using System.Collections.Generic;
23 | using System.Linq;
24 | using System.Text;
25 | using System.Threading.Tasks;
26 |
27 | namespace OWASPZAPDotNetAPI
28 | {
29 | public class ApiResponse : IApiResponse
30 | {
31 | public string Name { get; set; }
32 | }
33 | }
34 |
--------------------------------------------------------------------------------
/src/OWASPZAPDotNetAPI/OWASPZAPDotNetAPI/ApiResponseElement.cs:
--------------------------------------------------------------------------------
1 | /* Zed Attack Proxy (ZAP) and its related class files.
2 | *
3 | * ZAP is an HTTP/HTTPS proxy for assessing web application security.
4 | *
5 | * Copyright the ZAP development team
6 | *
7 | * Licensed under the Apache License, Version 2.0 (the "License");
8 | * you may not use this file except in compliance with the License.
9 | * You may obtain a copy of the License at
10 | *
11 | * http://www.apache.org/licenses/LICENSE-2.0
12 | *
13 | * Unless required by applicable law or agreed to in writing, software
14 | * distributed under the License is distributed on an "AS IS" BASIS,
15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 | * See the License for the specific language governing permissions and
17 | * limitations under the License.
18 | */
19 |
20 |
21 | using System;
22 | using System.Collections.Generic;
23 | using System.Linq;
24 | using System.Text;
25 | using System.Threading.Tasks;
26 | using System.Xml;
27 |
28 | namespace OWASPZAPDotNetAPI
29 | {
30 | public class ApiResponseElement : IApiResponse
31 | {
32 | public string Name { get; set; }
33 | public string Value { get; set; }
34 |
35 | public ApiResponseElement(string name)
36 | {
37 | this.Name = name;
38 | }
39 |
40 | public ApiResponseElement(string name, string value)
41 | :
42 | this(name)
43 | {
44 | this.Value = value;
45 | }
46 |
47 | public ApiResponseElement(XmlNode node)
48 | :
49 | this(node.Name, node.InnerText)
50 | {
51 | }
52 | }
53 | }
54 |
--------------------------------------------------------------------------------
/src/OWASPZAPDotNetAPI/OWASPZAPDotNetAPI/ApiResponseFactory.cs:
--------------------------------------------------------------------------------
1 | /* Zed Attack Proxy (ZAP) and its related class files.
2 | *
3 | * ZAP is an HTTP/HTTPS proxy for assessing web application security.
4 | *
5 | * Copyright the ZAP development team
6 | *
7 | * Licensed under the Apache License, Version 2.0 (the "License");
8 | * you may not use this file except in compliance with the License.
9 | * You may obtain a copy of the License at
10 | *
11 | * http://www.apache.org/licenses/LICENSE-2.0
12 | *
13 | * Unless required by applicable law or agreed to in writing, software
14 | * distributed under the License is distributed on an "AS IS" BASIS,
15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 | * See the License for the specific language governing permissions and
17 | * limitations under the License.
18 | */
19 |
20 |
21 | using System;
22 | using System.Collections.Generic;
23 | using System.Linq;
24 | using System.Text;
25 | using System.Threading.Tasks;
26 | using System.Xml;
27 |
28 | namespace OWASPZAPDotNetAPI
29 | {
30 | sealed class ApiResponseFactory
31 | {
32 | private ApiResponseFactory()
33 | {
34 | }
35 |
36 | public static IApiResponse GetResponse(XmlNode node)
37 | {
38 | if (node == null || node.Attributes.Count < 0)
39 | throw new ArgumentException("node");
40 |
41 | XmlNode typeNode = node.Attributes.GetNamedItem("type");
42 |
43 | if (typeNode != null)
44 | {
45 | string type = typeNode.Value;
46 |
47 | switch (type)
48 | {
49 | case "list":
50 | return new ApiResponseList(node);
51 | case "set":
52 | return new ApiResponseSet(node);
53 | case "exception":
54 | string exceptionString = GetExceptionString(node);
55 | throw new Exception(exceptionString);
56 | default:
57 | break;
58 | }
59 | }
60 |
61 | return new ApiResponseElement(node);
62 | }
63 |
64 | private static string GetExceptionString(XmlNode node)
65 | {
66 | XmlAttributeCollection attributes = node.Attributes;
67 | string code = attributes.GetNamedItem("code") != null ? attributes.GetNamedItem("code").Value : "0";
68 | string detail = attributes.GetNamedItem("detail") != null ? attributes.GetNamedItem("detail").Value : string.Empty;
69 | string text = node.Value != null ? node.Value : node.InnerText;
70 | return code + Environment.NewLine + detail + Environment.NewLine + text;
71 | }
72 | }
73 | }
74 |
--------------------------------------------------------------------------------
/src/OWASPZAPDotNetAPI/OWASPZAPDotNetAPI/ApiResponseList.cs:
--------------------------------------------------------------------------------
1 | /* Zed Attack Proxy (ZAP) and its related class files.
2 | *
3 | * ZAP is an HTTP/HTTPS proxy for assessing web application security.
4 | *
5 | * Copyright the ZAP development team
6 | *
7 | * Licensed under the Apache License, Version 2.0 (the "License");
8 | * you may not use this file except in compliance with the License.
9 | * You may obtain a copy of the License at
10 | *
11 | * http://www.apache.org/licenses/LICENSE-2.0
12 | *
13 | * Unless required by applicable law or agreed to in writing, software
14 | * distributed under the License is distributed on an "AS IS" BASIS,
15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 | * See the License for the specific language governing permissions and
17 | * limitations under the License.
18 | */
19 |
20 |
21 | using System;
22 | using System.Collections.Generic;
23 | using System.Linq;
24 | using System.Text;
25 | using System.Threading.Tasks;
26 | using System.Xml;
27 |
28 | namespace OWASPZAPDotNetAPI
29 | {
30 | public class ApiResponseList : IApiResponse
31 | {
32 | public string Name { get; set; }
33 |
34 | private List list;
35 |
36 | public List List { get { return this.list; } }
37 |
38 | public ApiResponseList(string name)
39 | {
40 | this.Name = name;
41 | this.list = new List();
42 | }
43 |
44 | public ApiResponseList(string name, List apiResponse)
45 | {
46 | this.Name = name;
47 | this.list = apiResponse;
48 | }
49 |
50 | public ApiResponseList(string name, IApiResponse[] apiResponse)
51 | :
52 | this(name, apiResponse.ToList())
53 | {
54 | }
55 |
56 | public ApiResponseList(XmlNode node)
57 | :
58 | this(node.Name)
59 | {
60 | XmlNode childNode = node.FirstChild;
61 | while (childNode != null)
62 | {
63 | list.Add(ApiResponseFactory.GetResponse(childNode));
64 | childNode = childNode.NextSibling;
65 | }
66 | }
67 | }
68 | }
69 |
--------------------------------------------------------------------------------
/src/OWASPZAPDotNetAPI/OWASPZAPDotNetAPI/ApiResponseSet.cs:
--------------------------------------------------------------------------------
1 | /* Zed Attack Proxy (ZAP) and its related class files.
2 | *
3 | * ZAP is an HTTP/HTTPS proxy for assessing web application security.
4 | *
5 | * Copyright the ZAP development team
6 | *
7 | * Licensed under the Apache License, Version 2.0 (the "License");
8 | * you may not use this file except in compliance with the License.
9 | * You may obtain a copy of the License at
10 | *
11 | * http://www.apache.org/licenses/LICENSE-2.0
12 | *
13 | * Unless required by applicable law or agreed to in writing, software
14 | * distributed under the License is distributed on an "AS IS" BASIS,
15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 | * See the License for the specific language governing permissions and
17 | * limitations under the License.
18 | */
19 |
20 |
21 | using System;
22 | using System.Collections.Generic;
23 | using System.Linq;
24 | using System.Text;
25 | using System.Threading.Tasks;
26 | using System.Xml;
27 |
28 | namespace OWASPZAPDotNetAPI
29 | {
30 | public class ApiResponseSet : IApiResponse
31 | {
32 | public string Name { get; set; }
33 | private Dictionary dictionary;
34 | public Dictionary Dictionary { get { return this.dictionary; } }
35 | //private string[] attributes; // attributes field is present at org.zaproxy.clientapi.core, but I couldn't track the usage in the java api client, hence ignoring it in the dot net api
36 |
37 | public ApiResponseSet(string name)
38 | {
39 | this.Name = name;
40 | }
41 |
42 | public ApiResponseSet(string name, Dictionary dictionary)
43 | {
44 | this.Name = name;
45 | this.dictionary = dictionary;
46 | }
47 |
48 | public ApiResponseSet(XmlNode node)
49 | {
50 | this.Name = node.Name;
51 | XmlNode childNode = node.FirstChild;
52 | this.dictionary = new Dictionary();
53 | while (childNode != null)
54 | {
55 | IApiResponse apiResponse = ApiResponseFactory.GetResponse(childNode);
56 | this.dictionary.Add(apiResponse.Name, apiResponse);
57 | childNode = childNode.NextSibling;
58 | }
59 | }
60 | }
61 | }
62 |
--------------------------------------------------------------------------------
/src/OWASPZAPDotNetAPI/OWASPZAPDotNetAPI/ExtensionMethods.cs:
--------------------------------------------------------------------------------
1 | /* Zed Attack Proxy (ZAP) and its related class files.
2 | *
3 | * ZAP is an HTTP/HTTPS proxy for assessing web application security.
4 | *
5 | * Copyright the ZAP development team
6 | *
7 | * Licensed under the Apache License, Version 2.0 (the "License");
8 | * you may not use this file except in compliance with the License.
9 | * You may obtain a copy of the License at
10 | *
11 | * http://www.apache.org/licenses/LICENSE-2.0
12 | *
13 | * Unless required by applicable law or agreed to in writing, software
14 | * distributed under the License is distributed on an "AS IS" BASIS,
15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 | * See the License for the specific language governing permissions and
17 | * limitations under the License.
18 | */
19 |
20 |
21 | using System;
22 | using System.Collections.Generic;
23 | using System.Linq;
24 | using System.Text;
25 | using System.Threading.Tasks;
26 |
27 | namespace OWASPZAPDotNetAPI
28 | {
29 | public static class ExtensionMethods
30 | {
31 | public static string TryGetDictionaryString(this Dictionary dictionary, string key)
32 | {
33 | string retVal = string.Empty;
34 | IApiResponse response = null;
35 | dictionary.TryGetValue(key, out response);
36 | if (response != null)
37 | {
38 | if (response is ApiResponseElement)
39 | {
40 | retVal = ((ApiResponseElement)response).Value;
41 | }
42 | else if (response is ApiResponseList)
43 | {
44 | // If the response is a List, then it is probably the tags introduced in ZAP 2.11.0
45 | // TODO
46 | // Retrieving tag information is not supported yet
47 | }
48 | }
49 | return retVal;
50 | }
51 | }
52 | }
53 |
--------------------------------------------------------------------------------
/src/OWASPZAPDotNetAPI/OWASPZAPDotNetAPI/Generated/AccessControl.cs:
--------------------------------------------------------------------------------
1 | /* Zed Attack Proxy (ZAP) and its related class files.
2 | *
3 | * ZAP is an HTTP/HTTPS proxy for assessing web application security.
4 | *
5 | * Copyright 2023 the ZAP development team
6 | *
7 | * Licensed under the Apache License, Version 2.0 (the "License");
8 | * you may not use this file except in compliance with the License.
9 | * You may obtain a copy of the License at
10 | *
11 | * http://www.apache.org/licenses/LICENSE-2.0
12 | *
13 | * Unless required by applicable law or agreed to in writing, software
14 | * distributed under the License is distributed on an "AS IS" BASIS,
15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 | * See the License for the specific language governing permissions and
17 | * limitations under the License.
18 | */
19 |
20 |
21 |
22 | using System;
23 | using System.Collections.Generic;
24 | using System.Text;
25 |
26 |
27 | /*
28 | * This file was automatically generated.
29 | */
30 | namespace OWASPZAPDotNetAPI.Generated
31 | {
32 | public class AccessControl
33 | {
34 | private ClientApi api = null;
35 |
36 | public AccessControl(ClientApi api)
37 | {
38 | this.api = api;
39 | }
40 |
41 | ///
42 | ///Gets the Access Control scan progress (percentage integer) for the given context ID.
43 | ///This component is optional and therefore the API will only work if it is installed
44 | ///
45 | ///
46 | public IApiResponse getScanProgress(string contextid)
47 | {
48 | Dictionary parameters = null;
49 | parameters = new Dictionary();
50 | parameters.Add("contextId", contextid);
51 | return api.CallApi("accessControl", "view", "getScanProgress", parameters);
52 | }
53 |
54 | ///
55 | ///Gets the Access Control scan status (description string) for the given context ID.
56 | ///This component is optional and therefore the API will only work if it is installed
57 | ///
58 | ///
59 | public IApiResponse getScanStatus(string contextid)
60 | {
61 | Dictionary parameters = null;
62 | parameters = new Dictionary();
63 | parameters.Add("contextId", contextid);
64 | return api.CallApi("accessControl", "view", "getScanStatus", parameters);
65 | }
66 |
67 | ///
68 | ///Starts an Access Control scan with the given context ID and user ID. (Optional parameters: user ID for Unauthenticated user, boolean identifying whether or not Alerts are raised, and the Risk level for the Alerts.) [This assumes the Access Control rules were previously established via ZAP gui and the necessary Context exported/imported.]
69 | ///This component is optional and therefore the API will only work if it is installed
70 | ///
71 | ///
72 | public IApiResponse scan(string contextid, string userid, string scanasunauthuser, string raisealert, string alertrisklevel)
73 | {
74 | Dictionary parameters = null;
75 | parameters = new Dictionary();
76 | parameters.Add("contextId", contextid);
77 | parameters.Add("userId", userid);
78 | parameters.Add("scanAsUnAuthUser", scanasunauthuser);
79 | parameters.Add("raiseAlert", raisealert);
80 | parameters.Add("alertRiskLevel", alertrisklevel);
81 | return api.CallApi("accessControl", "action", "scan", parameters);
82 | }
83 |
84 | ///
85 | ///Generates an Access Control report for the given context ID and saves it based on the provided filename (path).
86 | ///This component is optional and therefore the API will only work if it is installed
87 | ///
88 | ///
89 | public IApiResponse writeHTMLreport(string contextid, string filename)
90 | {
91 | Dictionary parameters = null;
92 | parameters = new Dictionary();
93 | parameters.Add("contextId", contextid);
94 | parameters.Add("fileName", filename);
95 | return api.CallApi("accessControl", "action", "writeHTMLreport", parameters);
96 | }
97 |
98 | }
99 | }
100 |
--------------------------------------------------------------------------------
/src/OWASPZAPDotNetAPI/OWASPZAPDotNetAPI/Generated/Acsrf.cs:
--------------------------------------------------------------------------------
1 | /* Zed Attack Proxy (ZAP) and its related class files.
2 | *
3 | * ZAP is an HTTP/HTTPS proxy for assessing web application security.
4 | *
5 | * Copyright 2023 the ZAP development team
6 | *
7 | * Licensed under the Apache License, Version 2.0 (the "License");
8 | * you may not use this file except in compliance with the License.
9 | * You may obtain a copy of the License at
10 | *
11 | * http://www.apache.org/licenses/LICENSE-2.0
12 | *
13 | * Unless required by applicable law or agreed to in writing, software
14 | * distributed under the License is distributed on an "AS IS" BASIS,
15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 | * See the License for the specific language governing permissions and
17 | * limitations under the License.
18 | */
19 |
20 |
21 |
22 | using System;
23 | using System.Collections.Generic;
24 | using System.Text;
25 |
26 |
27 | /*
28 | * This file was automatically generated.
29 | */
30 | namespace OWASPZAPDotNetAPI.Generated
31 | {
32 | public class Acsrf
33 | {
34 | private ClientApi api = null;
35 |
36 | public Acsrf(ClientApi api)
37 | {
38 | this.api = api;
39 | }
40 |
41 | ///
42 | ///Lists the names of all anti-CSRF tokens
43 | ///
44 | ///
45 | public IApiResponse optionTokensNames()
46 | {
47 | Dictionary parameters = null;
48 | return api.CallApi("acsrf", "view", "optionTokensNames", parameters);
49 | }
50 |
51 | ///
52 | ///Define if ZAP should detect CSRF tokens by searching for partial matches
53 | ///
54 | ///
55 | public IApiResponse optionPartialMatchingEnabled()
56 | {
57 | Dictionary parameters = null;
58 | return api.CallApi("acsrf", "view", "optionPartialMatchingEnabled", parameters);
59 | }
60 |
61 | ///
62 | ///Adds an anti-CSRF token with the given name, enabled by default
63 | ///
64 | ///
65 | public IApiResponse addOptionToken(string str)
66 | {
67 | Dictionary parameters = null;
68 | parameters = new Dictionary();
69 | parameters.Add("String", str);
70 | return api.CallApi("acsrf", "action", "addOptionToken", parameters);
71 | }
72 |
73 | ///
74 | ///Removes the anti-CSRF token with the given name
75 | ///
76 | ///
77 | public IApiResponse removeOptionToken(string str)
78 | {
79 | Dictionary parameters = null;
80 | parameters = new Dictionary();
81 | parameters.Add("String", str);
82 | return api.CallApi("acsrf", "action", "removeOptionToken", parameters);
83 | }
84 |
85 | ///
86 | ///Define if ZAP should detect CSRF tokens by searching for partial matches.
87 | ///
88 | ///
89 | public IApiResponse setOptionPartialMatchingEnabled(bool boolean)
90 | {
91 | Dictionary parameters = null;
92 | parameters = new Dictionary();
93 | parameters.Add("Boolean", Convert.ToString(boolean));
94 | return api.CallApi("acsrf", "action", "setOptionPartialMatchingEnabled", parameters);
95 | }
96 |
97 | ///
98 | ///Generate a form for testing lack of anti-CSRF tokens - typically invoked via ZAP
99 | ///
100 | ///
101 | public byte[] genForm(string hrefid, string actionurl)
102 | {
103 | Dictionary parameters = null;
104 | parameters = new Dictionary();
105 | parameters.Add("hrefId", hrefid);
106 | parameters.Add("actionUrl", actionurl);
107 | return api.CallApiOther("acsrf", "other", "genForm", parameters);
108 | }
109 |
110 | }
111 | }
112 |
--------------------------------------------------------------------------------
/src/OWASPZAPDotNetAPI/OWASPZAPDotNetAPI/Generated/Alert.cs:
--------------------------------------------------------------------------------
1 | /* Zed Attack Proxy (ZAP) and its related class files.
2 | *
3 | * ZAP is an HTTP/HTTPS proxy for assessing web application security.
4 | *
5 | * Copyright 2023 the ZAP development team
6 | *
7 | * Licensed under the Apache License, Version 2.0 (the "License");
8 | * you may not use this file except in compliance with the License.
9 | * You may obtain a copy of the License at
10 | *
11 | * http://www.apache.org/licenses/LICENSE-2.0
12 | *
13 | * Unless required by applicable law or agreed to in writing, software
14 | * distributed under the License is distributed on an "AS IS" BASIS,
15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 | * See the License for the specific language governing permissions and
17 | * limitations under the License.
18 | */
19 |
20 |
21 |
22 | using System;
23 | using System.Collections.Generic;
24 | using System.Text;
25 |
26 |
27 | /*
28 | * This file was automatically generated.
29 | */
30 | namespace OWASPZAPDotNetAPI.Generated
31 | {
32 | public class Alert
33 | {
34 | private ClientApi api = null;
35 |
36 | public Alert(ClientApi api)
37 | {
38 | this.api = api;
39 | }
40 |
41 | ///
42 | ///Gets the alert with the given ID, the corresponding HTTP message can be obtained with the 'messageId' field and 'message' API method
43 | ///
44 | ///
45 | public IApiResponse alert(string id)
46 | {
47 | Dictionary parameters = null;
48 | parameters = new Dictionary();
49 | parameters.Add("id", id);
50 | return api.CallApi("alert", "view", "alert", parameters);
51 | }
52 |
53 | ///
54 | ///Gets the alerts raised by ZAP, optionally filtering by URL or riskId, and paginating with 'start' position and 'count' of alerts
55 | ///
56 | ///
57 | public IApiResponse alerts(string baseurl, string start, string count, string riskid)
58 | {
59 | Dictionary parameters = null;
60 | parameters = new Dictionary();
61 | parameters.Add("baseurl", baseurl);
62 | parameters.Add("start", start);
63 | parameters.Add("count", count);
64 | parameters.Add("riskId", riskid);
65 | return api.CallApi("alert", "view", "alerts", parameters);
66 | }
67 |
68 | ///
69 | ///Gets number of alerts grouped by each risk level, optionally filtering by URL
70 | ///
71 | ///
72 | public IApiResponse alertsSummary(string baseurl)
73 | {
74 | Dictionary parameters = null;
75 | parameters = new Dictionary();
76 | parameters.Add("baseurl", baseurl);
77 | return api.CallApi("alert", "view", "alertsSummary", parameters);
78 | }
79 |
80 | ///
81 | ///Gets the number of alerts, optionally filtering by URL or riskId
82 | ///
83 | ///
84 | public IApiResponse numberOfAlerts(string baseurl, string riskid)
85 | {
86 | Dictionary parameters = null;
87 | parameters = new Dictionary();
88 | parameters.Add("baseurl", baseurl);
89 | parameters.Add("riskId", riskid);
90 | return api.CallApi("alert", "view", "numberOfAlerts", parameters);
91 | }
92 |
93 | ///
94 | ///Gets a summary of the alerts, optionally filtered by a 'url'. If 'recurse' is true then all alerts that apply to urls that start with the specified 'url' will be returned, otherwise only those on exactly the same 'url' (ignoring url parameters)
95 | ///
96 | ///
97 | public IApiResponse alertsByRisk(string url, string recurse)
98 | {
99 | Dictionary parameters = null;
100 | parameters = new Dictionary();
101 | parameters.Add("url", url);
102 | parameters.Add("recurse", recurse);
103 | return api.CallApi("alert", "view", "alertsByRisk", parameters);
104 | }
105 |
106 | ///
107 | ///Gets a count of the alerts, optionally filtered as per alertsPerRisk
108 | ///
109 | ///
110 | public IApiResponse alertCountsByRisk(string url, string recurse)
111 | {
112 | Dictionary parameters = null;
113 | parameters = new Dictionary();
114 | parameters.Add("url", url);
115 | parameters.Add("recurse", recurse);
116 | return api.CallApi("alert", "view", "alertCountsByRisk", parameters);
117 | }
118 |
119 | ///
120 | ///Deletes all alerts of the current session.
121 | ///
122 | ///
123 | public IApiResponse deleteAllAlerts()
124 | {
125 | Dictionary parameters = null;
126 | return api.CallApi("alert", "action", "deleteAllAlerts", parameters);
127 | }
128 |
129 | ///
130 | ///Deletes the alert with the given ID.
131 | ///
132 | ///
133 | public IApiResponse deleteAlert(string id)
134 | {
135 | Dictionary parameters = null;
136 | parameters = new Dictionary();
137 | parameters.Add("id", id);
138 | return api.CallApi("alert", "action", "deleteAlert", parameters);
139 | }
140 |
141 | ///
142 | ///Update the confidence of the alerts.
143 | ///
144 | ///
145 | public IApiResponse updateAlertsConfidence(string ids, string confidenceid)
146 | {
147 | Dictionary parameters = null;
148 | parameters = new Dictionary();
149 | parameters.Add("ids", ids);
150 | parameters.Add("confidenceId", confidenceid);
151 | return api.CallApi("alert", "action", "updateAlertsConfidence", parameters);
152 | }
153 |
154 | ///
155 | ///Update the risk of the alerts.
156 | ///
157 | ///
158 | public IApiResponse updateAlertsRisk(string ids, string riskid)
159 | {
160 | Dictionary parameters = null;
161 | parameters = new Dictionary();
162 | parameters.Add("ids", ids);
163 | parameters.Add("riskId", riskid);
164 | return api.CallApi("alert", "action", "updateAlertsRisk", parameters);
165 | }
166 |
167 | ///
168 | ///Update the alert with the given ID, with the provided details.
169 | ///
170 | ///
171 | public IApiResponse updateAlert(string id, string name, string riskid, string confidenceid, string description, string param, string attack, string otherinfo, string solution, string references, string evidence, string cweid, string wascid)
172 | {
173 | Dictionary parameters = null;
174 | parameters = new Dictionary();
175 | parameters.Add("id", id);
176 | parameters.Add("name", name);
177 | parameters.Add("riskId", riskid);
178 | parameters.Add("confidenceId", confidenceid);
179 | parameters.Add("description", description);
180 | parameters.Add("param", param);
181 | parameters.Add("attack", attack);
182 | parameters.Add("otherInfo", otherinfo);
183 | parameters.Add("solution", solution);
184 | parameters.Add("references", references);
185 | parameters.Add("evidence", evidence);
186 | parameters.Add("cweId", cweid);
187 | parameters.Add("wascId", wascid);
188 | return api.CallApi("alert", "action", "updateAlert", parameters);
189 | }
190 |
191 | ///
192 | ///Add an alert associated with the given message ID, with the provided details. (The ID of the created alert is returned.)
193 | ///
194 | ///
195 | public IApiResponse addAlert(string messageid, string name, string riskid, string confidenceid, string description, string param, string attack, string otherinfo, string solution, string references, string evidence, string cweid, string wascid)
196 | {
197 | Dictionary parameters = null;
198 | parameters = new Dictionary();
199 | parameters.Add("messageId", messageid);
200 | parameters.Add("name", name);
201 | parameters.Add("riskId", riskid);
202 | parameters.Add("confidenceId", confidenceid);
203 | parameters.Add("description", description);
204 | parameters.Add("param", param);
205 | parameters.Add("attack", attack);
206 | parameters.Add("otherInfo", otherinfo);
207 | parameters.Add("solution", solution);
208 | parameters.Add("references", references);
209 | parameters.Add("evidence", evidence);
210 | parameters.Add("cweId", cweid);
211 | parameters.Add("wascId", wascid);
212 | return api.CallApi("alert", "action", "addAlert", parameters);
213 | }
214 |
215 | }
216 | }
217 |
--------------------------------------------------------------------------------
/src/OWASPZAPDotNetAPI/OWASPZAPDotNetAPI/Generated/AlertFilter.cs:
--------------------------------------------------------------------------------
1 | /* Zed Attack Proxy (ZAP) and its related class files.
2 | *
3 | * ZAP is an HTTP/HTTPS proxy for assessing web application security.
4 | *
5 | * Copyright 2023 the ZAP development team
6 | *
7 | * Licensed under the Apache License, Version 2.0 (the "License");
8 | * you may not use this file except in compliance with the License.
9 | * You may obtain a copy of the License at
10 | *
11 | * http://www.apache.org/licenses/LICENSE-2.0
12 | *
13 | * Unless required by applicable law or agreed to in writing, software
14 | * distributed under the License is distributed on an "AS IS" BASIS,
15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 | * See the License for the specific language governing permissions and
17 | * limitations under the License.
18 | */
19 |
20 |
21 |
22 | using System;
23 | using System.Collections.Generic;
24 | using System.Text;
25 |
26 |
27 | /*
28 | * This file was automatically generated.
29 | */
30 | namespace OWASPZAPDotNetAPI.Generated
31 | {
32 | public class AlertFilter
33 | {
34 | private ClientApi api = null;
35 |
36 | public AlertFilter(ClientApi api)
37 | {
38 | this.api = api;
39 | }
40 |
41 | ///
42 | ///Lists the alert filters of the context with the given ID.
43 | ///This component is optional and therefore the API will only work if it is installed
44 | ///
45 | ///
46 | public IApiResponse alertFilterList(string contextid)
47 | {
48 | Dictionary parameters = null;
49 | parameters = new Dictionary();
50 | parameters.Add("contextId", contextid);
51 | return api.CallApi("alertFilter", "view", "alertFilterList", parameters);
52 | }
53 |
54 | ///
55 | ///Lists the global alert filters.
56 | ///This component is optional and therefore the API will only work if it is installed
57 | ///
58 | ///
59 | public IApiResponse globalAlertFilterList()
60 | {
61 | Dictionary parameters = null;
62 | return api.CallApi("alertFilter", "view", "globalAlertFilterList", parameters);
63 | }
64 |
65 | ///
66 | ///Adds a new alert filter for the context with the given ID.
67 | ///This component is optional and therefore the API will only work if it is installed
68 | ///
69 | ///
70 | public IApiResponse addAlertFilter(string contextid, string ruleid, string newlevel, string url, string urlisregex, string parameter, string enabled, string parameterisregex, string attack, string attackisregex, string evidence, string evidenceisregex)
71 | {
72 | Dictionary parameters = null;
73 | parameters = new Dictionary();
74 | parameters.Add("contextId", contextid);
75 | parameters.Add("ruleId", ruleid);
76 | parameters.Add("newLevel", newlevel);
77 | parameters.Add("url", url);
78 | parameters.Add("urlIsRegex", urlisregex);
79 | parameters.Add("parameter", parameter);
80 | parameters.Add("enabled", enabled);
81 | parameters.Add("parameterIsRegex", parameterisregex);
82 | parameters.Add("attack", attack);
83 | parameters.Add("attackIsRegex", attackisregex);
84 | parameters.Add("evidence", evidence);
85 | parameters.Add("evidenceIsRegex", evidenceisregex);
86 | return api.CallApi("alertFilter", "action", "addAlertFilter", parameters);
87 | }
88 |
89 | ///
90 | ///Removes an alert filter from the context with the given ID.
91 | ///This component is optional and therefore the API will only work if it is installed
92 | ///
93 | ///
94 | public IApiResponse removeAlertFilter(string contextid, string ruleid, string newlevel, string url, string urlisregex, string parameter, string enabled, string parameterisregex, string attack, string attackisregex, string evidence, string evidenceisregex)
95 | {
96 | Dictionary parameters = null;
97 | parameters = new Dictionary();
98 | parameters.Add("contextId", contextid);
99 | parameters.Add("ruleId", ruleid);
100 | parameters.Add("newLevel", newlevel);
101 | parameters.Add("url", url);
102 | parameters.Add("urlIsRegex", urlisregex);
103 | parameters.Add("parameter", parameter);
104 | parameters.Add("enabled", enabled);
105 | parameters.Add("parameterIsRegex", parameterisregex);
106 | parameters.Add("attack", attack);
107 | parameters.Add("attackIsRegex", attackisregex);
108 | parameters.Add("evidence", evidence);
109 | parameters.Add("evidenceIsRegex", evidenceisregex);
110 | return api.CallApi("alertFilter", "action", "removeAlertFilter", parameters);
111 | }
112 |
113 | ///
114 | ///Adds a new global alert filter.
115 | ///This component is optional and therefore the API will only work if it is installed
116 | ///
117 | ///
118 | public IApiResponse addGlobalAlertFilter(string ruleid, string newlevel, string url, string urlisregex, string parameter, string enabled, string parameterisregex, string attack, string attackisregex, string evidence, string evidenceisregex)
119 | {
120 | Dictionary parameters = null;
121 | parameters = new Dictionary();
122 | parameters.Add("ruleId", ruleid);
123 | parameters.Add("newLevel", newlevel);
124 | parameters.Add("url", url);
125 | parameters.Add("urlIsRegex", urlisregex);
126 | parameters.Add("parameter", parameter);
127 | parameters.Add("enabled", enabled);
128 | parameters.Add("parameterIsRegex", parameterisregex);
129 | parameters.Add("attack", attack);
130 | parameters.Add("attackIsRegex", attackisregex);
131 | parameters.Add("evidence", evidence);
132 | parameters.Add("evidenceIsRegex", evidenceisregex);
133 | return api.CallApi("alertFilter", "action", "addGlobalAlertFilter", parameters);
134 | }
135 |
136 | ///
137 | ///Removes a global alert filter.
138 | ///This component is optional and therefore the API will only work if it is installed
139 | ///
140 | ///
141 | public IApiResponse removeGlobalAlertFilter(string ruleid, string newlevel, string url, string urlisregex, string parameter, string enabled, string parameterisregex, string attack, string attackisregex, string evidence, string evidenceisregex)
142 | {
143 | Dictionary parameters = null;
144 | parameters = new Dictionary();
145 | parameters.Add("ruleId", ruleid);
146 | parameters.Add("newLevel", newlevel);
147 | parameters.Add("url", url);
148 | parameters.Add("urlIsRegex", urlisregex);
149 | parameters.Add("parameter", parameter);
150 | parameters.Add("enabled", enabled);
151 | parameters.Add("parameterIsRegex", parameterisregex);
152 | parameters.Add("attack", attack);
153 | parameters.Add("attackIsRegex", attackisregex);
154 | parameters.Add("evidence", evidence);
155 | parameters.Add("evidenceIsRegex", evidenceisregex);
156 | return api.CallApi("alertFilter", "action", "removeGlobalAlertFilter", parameters);
157 | }
158 |
159 | ///
160 | ///Applies all currently enabled Global and Context alert filters.
161 | ///This component is optional and therefore the API will only work if it is installed
162 | ///
163 | ///
164 | public IApiResponse applyAll()
165 | {
166 | Dictionary parameters = null;
167 | return api.CallApi("alertFilter", "action", "applyAll", parameters);
168 | }
169 |
170 | ///
171 | ///Applies all currently enabled Context alert filters.
172 | ///This component is optional and therefore the API will only work if it is installed
173 | ///
174 | ///
175 | public IApiResponse applyContext()
176 | {
177 | Dictionary parameters = null;
178 | return api.CallApi("alertFilter", "action", "applyContext", parameters);
179 | }
180 |
181 | ///
182 | ///Applies all currently enabled Global alert filters.
183 | ///This component is optional and therefore the API will only work if it is installed
184 | ///
185 | ///
186 | public IApiResponse applyGlobal()
187 | {
188 | Dictionary parameters = null;
189 | return api.CallApi("alertFilter", "action", "applyGlobal", parameters);
190 | }
191 |
192 | ///
193 | ///Tests all currently enabled Global and Context alert filters.
194 | ///This component is optional and therefore the API will only work if it is installed
195 | ///
196 | ///
197 | public IApiResponse testAll()
198 | {
199 | Dictionary parameters = null;
200 | return api.CallApi("alertFilter", "action", "testAll", parameters);
201 | }
202 |
203 | ///
204 | ///Tests all currently enabled Context alert filters.
205 | ///This component is optional and therefore the API will only work if it is installed
206 | ///
207 | ///
208 | public IApiResponse testContext()
209 | {
210 | Dictionary parameters = null;
211 | return api.CallApi("alertFilter", "action", "testContext", parameters);
212 | }
213 |
214 | ///
215 | ///Tests all currently enabled Global alert filters.
216 | ///This component is optional and therefore the API will only work if it is installed
217 | ///
218 | ///
219 | public IApiResponse testGlobal()
220 | {
221 | Dictionary parameters = null;
222 | return api.CallApi("alertFilter", "action", "testGlobal", parameters);
223 | }
224 |
225 | }
226 | }
227 |
--------------------------------------------------------------------------------
/src/OWASPZAPDotNetAPI/OWASPZAPDotNetAPI/Generated/Authentication.cs:
--------------------------------------------------------------------------------
1 | /* Zed Attack Proxy (ZAP) and its related class files.
2 | *
3 | * ZAP is an HTTP/HTTPS proxy for assessing web application security.
4 | *
5 | * Copyright 2023 the ZAP development team
6 | *
7 | * Licensed under the Apache License, Version 2.0 (the "License");
8 | * you may not use this file except in compliance with the License.
9 | * You may obtain a copy of the License at
10 | *
11 | * http://www.apache.org/licenses/LICENSE-2.0
12 | *
13 | * Unless required by applicable law or agreed to in writing, software
14 | * distributed under the License is distributed on an "AS IS" BASIS,
15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 | * See the License for the specific language governing permissions and
17 | * limitations under the License.
18 | */
19 |
20 |
21 |
22 | using System;
23 | using System.Collections.Generic;
24 | using System.Text;
25 |
26 |
27 | /*
28 | * This file was automatically generated.
29 | */
30 | namespace OWASPZAPDotNetAPI.Generated
31 | {
32 | public class Authentication
33 | {
34 | private ClientApi api = null;
35 |
36 | public Authentication(ClientApi api)
37 | {
38 | this.api = api;
39 | }
40 |
41 | ///
42 | ///Gets the name of the authentication methods.
43 | ///
44 | ///
45 | public IApiResponse getSupportedAuthenticationMethods()
46 | {
47 | Dictionary parameters = null;
48 | return api.CallApi("authentication", "view", "getSupportedAuthenticationMethods", parameters);
49 | }
50 |
51 | ///
52 | ///Gets the configuration parameters for the authentication method with the given name.
53 | ///
54 | ///
55 | public IApiResponse getAuthenticationMethodConfigParams(string authmethodname)
56 | {
57 | Dictionary parameters = null;
58 | parameters = new Dictionary();
59 | parameters.Add("authMethodName", authmethodname);
60 | return api.CallApi("authentication", "view", "getAuthenticationMethodConfigParams", parameters);
61 | }
62 |
63 | ///
64 | ///Gets the name of the authentication method for the context with the given ID.
65 | ///
66 | ///
67 | public IApiResponse getAuthenticationMethod(string contextid)
68 | {
69 | Dictionary parameters = null;
70 | parameters = new Dictionary();
71 | parameters.Add("contextId", contextid);
72 | return api.CallApi("authentication", "view", "getAuthenticationMethod", parameters);
73 | }
74 |
75 | ///
76 | ///Gets the logged in indicator for the context with the given ID.
77 | ///
78 | ///
79 | public IApiResponse getLoggedInIndicator(string contextid)
80 | {
81 | Dictionary parameters = null;
82 | parameters = new Dictionary();
83 | parameters.Add("contextId", contextid);
84 | return api.CallApi("authentication", "view", "getLoggedInIndicator", parameters);
85 | }
86 |
87 | ///
88 | ///Gets the logged out indicator for the context with the given ID.
89 | ///
90 | ///
91 | public IApiResponse getLoggedOutIndicator(string contextid)
92 | {
93 | Dictionary parameters = null;
94 | parameters = new Dictionary();
95 | parameters.Add("contextId", contextid);
96 | return api.CallApi("authentication", "view", "getLoggedOutIndicator", parameters);
97 | }
98 |
99 | ///
100 | ///Sets the authentication method for the context with the given ID.
101 | ///
102 | ///
103 | public IApiResponse setAuthenticationMethod(string contextid, string authmethodname, string authmethodconfigparams)
104 | {
105 | Dictionary parameters = null;
106 | parameters = new Dictionary();
107 | parameters.Add("contextId", contextid);
108 | parameters.Add("authMethodName", authmethodname);
109 | parameters.Add("authMethodConfigParams", authmethodconfigparams);
110 | return api.CallApi("authentication", "action", "setAuthenticationMethod", parameters);
111 | }
112 |
113 | ///
114 | ///Sets the logged in indicator for the context with the given ID.
115 | ///
116 | ///
117 | public IApiResponse setLoggedInIndicator(string contextid, string loggedinindicatorregex)
118 | {
119 | Dictionary parameters = null;
120 | parameters = new Dictionary();
121 | parameters.Add("contextId", contextid);
122 | parameters.Add("loggedInIndicatorRegex", loggedinindicatorregex);
123 | return api.CallApi("authentication", "action", "setLoggedInIndicator", parameters);
124 | }
125 |
126 | ///
127 | ///Sets the logged out indicator for the context with the given ID.
128 | ///
129 | ///
130 | public IApiResponse setLoggedOutIndicator(string contextid, string loggedoutindicatorregex)
131 | {
132 | Dictionary parameters = null;
133 | parameters = new Dictionary();
134 | parameters.Add("contextId", contextid);
135 | parameters.Add("loggedOutIndicatorRegex", loggedoutindicatorregex);
136 | return api.CallApi("authentication", "action", "setLoggedOutIndicator", parameters);
137 | }
138 |
139 | }
140 | }
141 |
--------------------------------------------------------------------------------
/src/OWASPZAPDotNetAPI/OWASPZAPDotNetAPI/Generated/Authorization.cs:
--------------------------------------------------------------------------------
1 | /* Zed Attack Proxy (ZAP) and its related class files.
2 | *
3 | * ZAP is an HTTP/HTTPS proxy for assessing web application security.
4 | *
5 | * Copyright 2023 the ZAP development team
6 | *
7 | * Licensed under the Apache License, Version 2.0 (the "License");
8 | * you may not use this file except in compliance with the License.
9 | * You may obtain a copy of the License at
10 | *
11 | * http://www.apache.org/licenses/LICENSE-2.0
12 | *
13 | * Unless required by applicable law or agreed to in writing, software
14 | * distributed under the License is distributed on an "AS IS" BASIS,
15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 | * See the License for the specific language governing permissions and
17 | * limitations under the License.
18 | */
19 |
20 |
21 |
22 | using System;
23 | using System.Collections.Generic;
24 | using System.Text;
25 |
26 |
27 | /*
28 | * This file was automatically generated.
29 | */
30 | namespace OWASPZAPDotNetAPI.Generated
31 | {
32 | public class Authorization
33 | {
34 | private ClientApi api = null;
35 |
36 | public Authorization(ClientApi api)
37 | {
38 | this.api = api;
39 | }
40 |
41 | ///
42 | ///Obtains all the configuration of the authorization detection method that is currently set for a context.
43 | ///
44 | ///
45 | public IApiResponse getAuthorizationDetectionMethod(string contextid)
46 | {
47 | Dictionary parameters = null;
48 | parameters = new Dictionary();
49 | parameters.Add("contextId", contextid);
50 | return api.CallApi("authorization", "view", "getAuthorizationDetectionMethod", parameters);
51 | }
52 |
53 | ///
54 | ///Sets the authorization detection method for a context as one that identifies un-authorized messages based on: the message's status code or a regex pattern in the response's header or body. Also, whether all conditions must match or just some can be specified via the logicalOperator parameter, which accepts two values: "AND" (default), "OR".
55 | ///
56 | ///
57 | public IApiResponse setBasicAuthorizationDetectionMethod(string contextid, string headerregex, string bodyregex, string statuscode, string logicaloperator)
58 | {
59 | Dictionary parameters = null;
60 | parameters = new Dictionary();
61 | parameters.Add("contextId", contextid);
62 | parameters.Add("headerRegex", headerregex);
63 | parameters.Add("bodyRegex", bodyregex);
64 | parameters.Add("statusCode", statuscode);
65 | parameters.Add("logicalOperator", logicaloperator);
66 | return api.CallApi("authorization", "action", "setBasicAuthorizationDetectionMethod", parameters);
67 | }
68 |
69 | }
70 | }
71 |
--------------------------------------------------------------------------------
/src/OWASPZAPDotNetAPI/OWASPZAPDotNetAPI/Generated/Automation.cs:
--------------------------------------------------------------------------------
1 | /* Zed Attack Proxy (ZAP) and its related class files.
2 | *
3 | * ZAP is an HTTP/HTTPS proxy for assessing web application security.
4 | *
5 | * Copyright 2023 the ZAP development team
6 | *
7 | * Licensed under the Apache License, Version 2.0 (the "License");
8 | * you may not use this file except in compliance with the License.
9 | * You may obtain a copy of the License at
10 | *
11 | * http://www.apache.org/licenses/LICENSE-2.0
12 | *
13 | * Unless required by applicable law or agreed to in writing, software
14 | * distributed under the License is distributed on an "AS IS" BASIS,
15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 | * See the License for the specific language governing permissions and
17 | * limitations under the License.
18 | */
19 |
20 |
21 |
22 | using System;
23 | using System.Collections.Generic;
24 | using System.Text;
25 |
26 |
27 | /*
28 | * This file was automatically generated.
29 | */
30 | namespace OWASPZAPDotNetAPI.Generated
31 | {
32 | public class Automation
33 | {
34 | private ClientApi api = null;
35 |
36 | public Automation(ClientApi api)
37 | {
38 | this.api = api;
39 | }
40 |
41 | ///
42 | ///This component is optional and therefore the API will only work if it is installed
43 | ///
44 | ///
45 | public IApiResponse planProgress(string planid)
46 | {
47 | Dictionary parameters = null;
48 | parameters = new Dictionary();
49 | parameters.Add("planId", planid);
50 | return api.CallApi("automation", "view", "planProgress", parameters);
51 | }
52 |
53 | ///
54 | ///This component is optional and therefore the API will only work if it is installed
55 | ///
56 | ///
57 | public IApiResponse runPlan(string filepath)
58 | {
59 | Dictionary parameters = null;
60 | parameters = new Dictionary();
61 | parameters.Add("filePath", filepath);
62 | return api.CallApi("automation", "action", "runPlan", parameters);
63 | }
64 |
65 | ///
66 | ///This component is optional and therefore the API will only work if it is installed
67 | ///
68 | ///
69 | public IApiResponse endDelayJob()
70 | {
71 | Dictionary parameters = null;
72 | return api.CallApi("automation", "action", "endDelayJob", parameters);
73 | }
74 |
75 | }
76 | }
77 |
--------------------------------------------------------------------------------
/src/OWASPZAPDotNetAPI/OWASPZAPDotNetAPI/Generated/Break.cs:
--------------------------------------------------------------------------------
1 | /* Zed Attack Proxy (ZAP) and its related class files.
2 | *
3 | * ZAP is an HTTP/HTTPS proxy for assessing web application security.
4 | *
5 | * Copyright 2023 the ZAP development team
6 | *
7 | * Licensed under the Apache License, Version 2.0 (the "License");
8 | * you may not use this file except in compliance with the License.
9 | * You may obtain a copy of the License at
10 | *
11 | * http://www.apache.org/licenses/LICENSE-2.0
12 | *
13 | * Unless required by applicable law or agreed to in writing, software
14 | * distributed under the License is distributed on an "AS IS" BASIS,
15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 | * See the License for the specific language governing permissions and
17 | * limitations under the License.
18 | */
19 |
20 |
21 |
22 | using System;
23 | using System.Collections.Generic;
24 | using System.Text;
25 |
26 |
27 | /*
28 | * This file was automatically generated.
29 | */
30 | namespace OWASPZAPDotNetAPI.Generated
31 | {
32 | public class Break
33 | {
34 | private ClientApi api = null;
35 |
36 | public Break(ClientApi api)
37 | {
38 | this.api = api;
39 | }
40 |
41 | ///
42 | ///Returns True if ZAP will break on both requests and responses
43 | ///
44 | ///
45 | public IApiResponse isBreakAll()
46 | {
47 | Dictionary parameters = null;
48 | return api.CallApi("break", "view", "isBreakAll", parameters);
49 | }
50 |
51 | ///
52 | ///Returns True if ZAP will break on requests
53 | ///
54 | ///
55 | public IApiResponse isBreakRequest()
56 | {
57 | Dictionary parameters = null;
58 | return api.CallApi("break", "view", "isBreakRequest", parameters);
59 | }
60 |
61 | ///
62 | ///Returns True if ZAP will break on responses
63 | ///
64 | ///
65 | public IApiResponse isBreakResponse()
66 | {
67 | Dictionary parameters = null;
68 | return api.CallApi("break", "view", "isBreakResponse", parameters);
69 | }
70 |
71 | ///
72 | ///Returns the HTTP message currently intercepted (if any)
73 | ///
74 | ///
75 | public IApiResponse httpMessage()
76 | {
77 | Dictionary parameters = null;
78 | return api.CallApi("break", "view", "httpMessage", parameters);
79 | }
80 |
81 | ///
82 | ///Controls the global break functionality. The type may be one of: http-all, http-request or http-response. The state may be true (for turning break on for the specified type) or false (for turning break off). Scope is not currently used.
83 | ///
84 | ///
85 | public IApiResponse brk(string type, string state, string scope)
86 | {
87 | Dictionary parameters = null;
88 | parameters = new Dictionary();
89 | parameters.Add("type", type);
90 | parameters.Add("state", state);
91 | parameters.Add("scope", scope);
92 | return api.CallApi("break", "action", "break", parameters);
93 | }
94 |
95 | ///
96 | ///Overwrites the currently intercepted message with the data provided
97 | ///
98 | ///
99 | public IApiResponse setHttpMessage(string httpheader, string httpbody)
100 | {
101 | Dictionary parameters = null;
102 | parameters = new Dictionary();
103 | parameters.Add("httpHeader", httpheader);
104 | parameters.Add("httpBody", httpbody);
105 | return api.CallApi("break", "action", "setHttpMessage", parameters);
106 | }
107 |
108 | ///
109 | ///Submits the currently intercepted message and unsets the global request/response breakpoints
110 | ///
111 | ///
112 | public IApiResponse cont()
113 | {
114 | Dictionary parameters = null;
115 | return api.CallApi("break", "action", "continue", parameters);
116 | }
117 |
118 | ///
119 | ///Submits the currently intercepted message, the next request or response will automatically be intercepted
120 | ///
121 | ///
122 | public IApiResponse step()
123 | {
124 | Dictionary parameters = null;
125 | return api.CallApi("break", "action", "step", parameters);
126 | }
127 |
128 | ///
129 | ///Drops the currently intercepted message
130 | ///
131 | ///
132 | public IApiResponse drop()
133 | {
134 | Dictionary parameters = null;
135 | return api.CallApi("break", "action", "drop", parameters);
136 | }
137 |
138 | ///
139 | ///Adds a custom HTTP breakpoint. The string is the string to match. Location may be one of: url, request_header, request_body, response_header or response_body. Match may be: contains or regex. Inverse (match) may be true or false. Lastly, ignorecase (when matching the string) may be true or false.
140 | ///
141 | ///
142 | public IApiResponse addHttpBreakpoint(string str, string location, string match, string inverse, string ignorecase)
143 | {
144 | Dictionary parameters = null;
145 | parameters = new Dictionary();
146 | parameters.Add("string", str);
147 | parameters.Add("location", location);
148 | parameters.Add("match", match);
149 | parameters.Add("inverse", inverse);
150 | parameters.Add("ignorecase", ignorecase);
151 | return api.CallApi("break", "action", "addHttpBreakpoint", parameters);
152 | }
153 |
154 | ///
155 | ///Removes the specified breakpoint
156 | ///
157 | ///
158 | public IApiResponse removeHttpBreakpoint(string str, string location, string match, string inverse, string ignorecase)
159 | {
160 | Dictionary parameters = null;
161 | parameters = new Dictionary();
162 | parameters.Add("string", str);
163 | parameters.Add("location", location);
164 | parameters.Add("match", match);
165 | parameters.Add("inverse", inverse);
166 | parameters.Add("ignorecase", ignorecase);
167 | return api.CallApi("break", "action", "removeHttpBreakpoint", parameters);
168 | }
169 |
170 | }
171 | }
172 |
--------------------------------------------------------------------------------
/src/OWASPZAPDotNetAPI/OWASPZAPDotNetAPI/Generated/Exim.cs:
--------------------------------------------------------------------------------
1 | /* Zed Attack Proxy (ZAP) and its related class files.
2 | *
3 | * ZAP is an HTTP/HTTPS proxy for assessing web application security.
4 | *
5 | * Copyright 2023 the ZAP development team
6 | *
7 | * Licensed under the Apache License, Version 2.0 (the "License");
8 | * you may not use this file except in compliance with the License.
9 | * You may obtain a copy of the License at
10 | *
11 | * http://www.apache.org/licenses/LICENSE-2.0
12 | *
13 | * Unless required by applicable law or agreed to in writing, software
14 | * distributed under the License is distributed on an "AS IS" BASIS,
15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 | * See the License for the specific language governing permissions and
17 | * limitations under the License.
18 | */
19 |
20 |
21 |
22 | using System;
23 | using System.Collections.Generic;
24 | using System.Text;
25 |
26 |
27 | /*
28 | * This file was automatically generated.
29 | */
30 | namespace OWASPZAPDotNetAPI.Generated
31 | {
32 | public class Exim
33 | {
34 | private ClientApi api = null;
35 |
36 | public Exim(ClientApi api)
37 | {
38 | this.api = api;
39 | }
40 |
41 | ///
42 | ///Imports a HAR file.
43 | ///This component is optional and therefore the API will only work if it is installed
44 | ///
45 | ///
46 | public IApiResponse importHar(string filepath)
47 | {
48 | Dictionary parameters = null;
49 | parameters = new Dictionary();
50 | parameters.Add("filePath", filepath);
51 | return api.CallApi("exim", "action", "importHar", parameters);
52 | }
53 |
54 | ///
55 | ///Imports URLs (one per line) from the file with the given file system path.
56 | ///This component is optional and therefore the API will only work if it is installed
57 | ///
58 | ///
59 | public IApiResponse importUrls(string filepath)
60 | {
61 | Dictionary parameters = null;
62 | parameters = new Dictionary();
63 | parameters.Add("filePath", filepath);
64 | return api.CallApi("exim", "action", "importUrls", parameters);
65 | }
66 |
67 | ///
68 | ///Imports previously exported ZAP messages from the file with the given file system path.
69 | ///This component is optional and therefore the API will only work if it is installed
70 | ///
71 | ///
72 | public IApiResponse importZapLogs(string filepath)
73 | {
74 | Dictionary parameters = null;
75 | parameters = new Dictionary();
76 | parameters.Add("filePath", filepath);
77 | return api.CallApi("exim", "action", "importZapLogs", parameters);
78 | }
79 |
80 | ///
81 | ///Imports ModSecurity2 logs from the file with the given file system path.
82 | ///This component is optional and therefore the API will only work if it is installed
83 | ///
84 | ///
85 | public IApiResponse importModsec2Logs(string filepath)
86 | {
87 | Dictionary parameters = null;
88 | parameters = new Dictionary();
89 | parameters.Add("filePath", filepath);
90 | return api.CallApi("exim", "action", "importModsec2Logs", parameters);
91 | }
92 |
93 | ///
94 | ///Gets the HTTP messages sent through/by ZAP, in HAR format, optionally filtered by URL and paginated with 'start' position and 'count' of messages
95 | ///This component is optional and therefore the API will only work if it is installed
96 | ///
97 | ///
98 | public byte[] exportHar(string baseurl, string start, string count)
99 | {
100 | Dictionary parameters = null;
101 | parameters = new Dictionary();
102 | parameters.Add("baseurl", baseurl);
103 | parameters.Add("start", start);
104 | parameters.Add("count", count);
105 | return api.CallApiOther("exim", "other", "exportHar", parameters);
106 | }
107 |
108 | ///
109 | ///Gets the HTTP messages with the given IDs, in HAR format.
110 | ///This component is optional and therefore the API will only work if it is installed
111 | ///
112 | ///
113 | public byte[] exportHarById(string ids)
114 | {
115 | Dictionary parameters = null;
116 | parameters = new Dictionary();
117 | parameters.Add("ids", ids);
118 | return api.CallApiOther("exim", "other", "exportHarById", parameters);
119 | }
120 |
121 | ///
122 | ///Sends the first HAR request entry, optionally following redirections. Returns, in HAR format, the request sent and response received and followed redirections, if any. The Mode is enforced when sending the request (and following redirections), custom manual requests are not allowed in 'Safe' mode nor in 'Protected' mode if out of scope.
123 | ///This component is optional and therefore the API will only work if it is installed
124 | ///
125 | ///
126 | public byte[] sendHarRequest(string request, string followredirects)
127 | {
128 | Dictionary parameters = null;
129 | parameters = new Dictionary();
130 | parameters.Add("request", request);
131 | parameters.Add("followRedirects", followredirects);
132 | return api.CallApiOther("exim", "other", "sendHarRequest", parameters);
133 | }
134 |
135 | }
136 | }
137 |
--------------------------------------------------------------------------------
/src/OWASPZAPDotNetAPI/OWASPZAPDotNetAPI/Generated/ForcedUser.cs:
--------------------------------------------------------------------------------
1 | /* Zed Attack Proxy (ZAP) and its related class files.
2 | *
3 | * ZAP is an HTTP/HTTPS proxy for assessing web application security.
4 | *
5 | * Copyright 2023 the ZAP development team
6 | *
7 | * Licensed under the Apache License, Version 2.0 (the "License");
8 | * you may not use this file except in compliance with the License.
9 | * You may obtain a copy of the License at
10 | *
11 | * http://www.apache.org/licenses/LICENSE-2.0
12 | *
13 | * Unless required by applicable law or agreed to in writing, software
14 | * distributed under the License is distributed on an "AS IS" BASIS,
15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 | * See the License for the specific language governing permissions and
17 | * limitations under the License.
18 | */
19 |
20 |
21 |
22 | using System;
23 | using System.Collections.Generic;
24 | using System.Text;
25 |
26 |
27 | /*
28 | * This file was automatically generated.
29 | */
30 | namespace OWASPZAPDotNetAPI.Generated
31 | {
32 | public class ForcedUser
33 | {
34 | private ClientApi api = null;
35 |
36 | public ForcedUser(ClientApi api)
37 | {
38 | this.api = api;
39 | }
40 |
41 | ///
42 | ///Returns 'true' if 'forced user' mode is enabled, 'false' otherwise
43 | ///
44 | ///
45 | public IApiResponse isForcedUserModeEnabled()
46 | {
47 | Dictionary parameters = null;
48 | return api.CallApi("forcedUser", "view", "isForcedUserModeEnabled", parameters);
49 | }
50 |
51 | ///
52 | ///Gets the user (ID) set as 'forced user' for the given context (ID)
53 | ///
54 | ///
55 | public IApiResponse getForcedUser(string contextid)
56 | {
57 | Dictionary parameters = null;
58 | parameters = new Dictionary();
59 | parameters.Add("contextId", contextid);
60 | return api.CallApi("forcedUser", "view", "getForcedUser", parameters);
61 | }
62 |
63 | ///
64 | ///Sets the user (ID) that should be used in 'forced user' mode for the given context (ID)
65 | ///
66 | ///
67 | public IApiResponse setForcedUser(string contextid, string userid)
68 | {
69 | Dictionary parameters = null;
70 | parameters = new Dictionary();
71 | parameters.Add("contextId", contextid);
72 | parameters.Add("userId", userid);
73 | return api.CallApi("forcedUser", "action", "setForcedUser", parameters);
74 | }
75 |
76 | ///
77 | ///Sets if 'forced user' mode should be enabled or not
78 | ///
79 | ///
80 | public IApiResponse setForcedUserModeEnabled(bool boolean)
81 | {
82 | Dictionary parameters = null;
83 | parameters = new Dictionary();
84 | parameters.Add("boolean", Convert.ToString(boolean));
85 | return api.CallApi("forcedUser", "action", "setForcedUserModeEnabled", parameters);
86 | }
87 |
88 | }
89 | }
90 |
--------------------------------------------------------------------------------
/src/OWASPZAPDotNetAPI/OWASPZAPDotNetAPI/Generated/HttpSessions.cs:
--------------------------------------------------------------------------------
1 | /* Zed Attack Proxy (ZAP) and its related class files.
2 | *
3 | * ZAP is an HTTP/HTTPS proxy for assessing web application security.
4 | *
5 | * Copyright 2023 the ZAP development team
6 | *
7 | * Licensed under the Apache License, Version 2.0 (the "License");
8 | * you may not use this file except in compliance with the License.
9 | * You may obtain a copy of the License at
10 | *
11 | * http://www.apache.org/licenses/LICENSE-2.0
12 | *
13 | * Unless required by applicable law or agreed to in writing, software
14 | * distributed under the License is distributed on an "AS IS" BASIS,
15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 | * See the License for the specific language governing permissions and
17 | * limitations under the License.
18 | */
19 |
20 |
21 |
22 | using System;
23 | using System.Collections.Generic;
24 | using System.Text;
25 |
26 |
27 | /*
28 | * This file was automatically generated.
29 | */
30 | namespace OWASPZAPDotNetAPI.Generated
31 | {
32 | public class HttpSessions
33 | {
34 | private ClientApi api = null;
35 |
36 | public HttpSessions(ClientApi api)
37 | {
38 | this.api = api;
39 | }
40 |
41 | ///
42 | ///Gets all of the sites that have sessions.
43 | ///
44 | ///
45 | public IApiResponse sites()
46 | {
47 | Dictionary parameters = null;
48 | return api.CallApi("httpSessions", "view", "sites", parameters);
49 | }
50 |
51 | ///
52 | ///Gets the sessions for the given site. Optionally returning just the session with the given name.
53 | ///
54 | ///
55 | public IApiResponse sessions(string site, string session)
56 | {
57 | Dictionary parameters = null;
58 | parameters = new Dictionary();
59 | parameters.Add("site", site);
60 | parameters.Add("session", session);
61 | return api.CallApi("httpSessions", "view", "sessions", parameters);
62 | }
63 |
64 | ///
65 | ///Gets the name of the active session for the given site.
66 | ///
67 | ///
68 | public IApiResponse activeSession(string site)
69 | {
70 | Dictionary parameters = null;
71 | parameters = new Dictionary();
72 | parameters.Add("site", site);
73 | return api.CallApi("httpSessions", "view", "activeSession", parameters);
74 | }
75 |
76 | ///
77 | ///Gets the names of the session tokens for the given site.
78 | ///
79 | ///
80 | public IApiResponse sessionTokens(string site)
81 | {
82 | Dictionary parameters = null;
83 | parameters = new Dictionary();
84 | parameters.Add("site", site);
85 | return api.CallApi("httpSessions", "view", "sessionTokens", parameters);
86 | }
87 |
88 | ///
89 | ///Gets the default session tokens.
90 | ///
91 | ///
92 | public IApiResponse defaultSessionTokens()
93 | {
94 | Dictionary parameters = null;
95 | return api.CallApi("httpSessions", "view", "defaultSessionTokens", parameters);
96 | }
97 |
98 | ///
99 | ///Creates an empty session for the given site. Optionally with the given name.
100 | ///
101 | ///
102 | public IApiResponse createEmptySession(string site, string session)
103 | {
104 | Dictionary parameters = null;
105 | parameters = new Dictionary();
106 | parameters.Add("site", site);
107 | parameters.Add("session", session);
108 | return api.CallApi("httpSessions", "action", "createEmptySession", parameters);
109 | }
110 |
111 | ///
112 | ///Removes the session from the given site.
113 | ///
114 | ///
115 | public IApiResponse removeSession(string site, string session)
116 | {
117 | Dictionary parameters = null;
118 | parameters = new Dictionary();
119 | parameters.Add("site", site);
120 | parameters.Add("session", session);
121 | return api.CallApi("httpSessions", "action", "removeSession", parameters);
122 | }
123 |
124 | ///
125 | ///Sets the given session as active for the given site.
126 | ///
127 | ///
128 | public IApiResponse setActiveSession(string site, string session)
129 | {
130 | Dictionary parameters = null;
131 | parameters = new Dictionary();
132 | parameters.Add("site", site);
133 | parameters.Add("session", session);
134 | return api.CallApi("httpSessions", "action", "setActiveSession", parameters);
135 | }
136 |
137 | ///
138 | ///Unsets the active session of the given site.
139 | ///
140 | ///
141 | public IApiResponse unsetActiveSession(string site)
142 | {
143 | Dictionary parameters = null;
144 | parameters = new Dictionary();
145 | parameters.Add("site", site);
146 | return api.CallApi("httpSessions", "action", "unsetActiveSession", parameters);
147 | }
148 |
149 | ///
150 | ///Adds the session token to the given site.
151 | ///
152 | ///
153 | public IApiResponse addSessionToken(string site, string sessiontoken)
154 | {
155 | Dictionary parameters = null;
156 | parameters = new Dictionary();
157 | parameters.Add("site", site);
158 | parameters.Add("sessionToken", sessiontoken);
159 | return api.CallApi("httpSessions", "action", "addSessionToken", parameters);
160 | }
161 |
162 | ///
163 | ///Removes the session token from the given site.
164 | ///
165 | ///
166 | public IApiResponse removeSessionToken(string site, string sessiontoken)
167 | {
168 | Dictionary parameters = null;
169 | parameters = new Dictionary();
170 | parameters.Add("site", site);
171 | parameters.Add("sessionToken", sessiontoken);
172 | return api.CallApi("httpSessions", "action", "removeSessionToken", parameters);
173 | }
174 |
175 | ///
176 | ///Sets the value of the session token of the given session for the given site.
177 | ///
178 | ///
179 | public IApiResponse setSessionTokenValue(string site, string session, string sessiontoken, string tokenvalue)
180 | {
181 | Dictionary parameters = null;
182 | parameters = new Dictionary();
183 | parameters.Add("site", site);
184 | parameters.Add("session", session);
185 | parameters.Add("sessionToken", sessiontoken);
186 | parameters.Add("tokenValue", tokenvalue);
187 | return api.CallApi("httpSessions", "action", "setSessionTokenValue", parameters);
188 | }
189 |
190 | ///
191 | ///Renames the session of the given site.
192 | ///
193 | ///
194 | public IApiResponse renameSession(string site, string oldsessionname, string newsessionname)
195 | {
196 | Dictionary parameters = null;
197 | parameters = new Dictionary();
198 | parameters.Add("site", site);
199 | parameters.Add("oldSessionName", oldsessionname);
200 | parameters.Add("newSessionName", newsessionname);
201 | return api.CallApi("httpSessions", "action", "renameSession", parameters);
202 | }
203 |
204 | ///
205 | ///Adds a default session token with the given name and enabled state.
206 | ///
207 | ///
208 | public IApiResponse addDefaultSessionToken(string sessiontoken, string tokenenabled)
209 | {
210 | Dictionary parameters = null;
211 | parameters = new Dictionary();
212 | parameters.Add("sessionToken", sessiontoken);
213 | parameters.Add("tokenEnabled", tokenenabled);
214 | return api.CallApi("httpSessions", "action", "addDefaultSessionToken", parameters);
215 | }
216 |
217 | ///
218 | ///Sets whether or not the default session token with the given name is enabled.
219 | ///
220 | ///
221 | public IApiResponse setDefaultSessionTokenEnabled(string sessiontoken, string tokenenabled)
222 | {
223 | Dictionary parameters = null;
224 | parameters = new Dictionary();
225 | parameters.Add("sessionToken", sessiontoken);
226 | parameters.Add("tokenEnabled", tokenenabled);
227 | return api.CallApi("httpSessions", "action", "setDefaultSessionTokenEnabled", parameters);
228 | }
229 |
230 | ///
231 | ///Removes the default session token with the given name.
232 | ///
233 | ///
234 | public IApiResponse removeDefaultSessionToken(string sessiontoken)
235 | {
236 | Dictionary parameters = null;
237 | parameters = new Dictionary();
238 | parameters.Add("sessionToken", sessiontoken);
239 | return api.CallApi("httpSessions", "action", "removeDefaultSessionToken", parameters);
240 | }
241 |
242 | }
243 | }
244 |
--------------------------------------------------------------------------------
/src/OWASPZAPDotNetAPI/OWASPZAPDotNetAPI/Generated/ImportLogFiles.cs:
--------------------------------------------------------------------------------
1 | /* Zed Attack Proxy (ZAP) and its related class files.
2 | *
3 | * ZAP is an HTTP/HTTPS proxy for assessing web application security.
4 | *
5 | * Copyright 2021 the ZAP development team
6 | *
7 | * Licensed under the Apache License, Version 2.0 (the "License");
8 | * you may not use this file except in compliance with the License.
9 | * You may obtain a copy of the License at
10 | *
11 | * http://www.apache.org/licenses/LICENSE-2.0
12 | *
13 | * Unless required by applicable law or agreed to in writing, software
14 | * distributed under the License is distributed on an "AS IS" BASIS,
15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 | * See the License for the specific language governing permissions and
17 | * limitations under the License.
18 | */
19 |
20 |
21 |
22 | using System;
23 | using System.Collections.Generic;
24 | using System.Text;
25 |
26 |
27 | /*
28 | * This file was automatically generated.
29 | */
30 | namespace OWASPZAPDotNetAPI.Generated
31 | {
32 | public class ImportLogFiles
33 | {
34 | private ClientApi api = null;
35 |
36 | public ImportLogFiles(ClientApi api)
37 | {
38 | this.api = api;
39 | }
40 |
41 | ///
42 | ///This component is optional and therefore the API will only work if it is installed
43 | ///
44 | ///
45 | public IApiResponse ImportZAPLogFromFile(string filepath)
46 | {
47 | Dictionary parameters = null;
48 | parameters = new Dictionary();
49 | parameters.Add("FilePath", filepath);
50 | return api.CallApi("importLogFiles", "action", "ImportZAPLogFromFile", parameters);
51 | }
52 |
53 | ///
54 | ///This component is optional and therefore the API will only work if it is installed
55 | ///
56 | ///
57 | public IApiResponse ImportModSecurityLogFromFile(string filepath)
58 | {
59 | Dictionary parameters = null;
60 | parameters = new Dictionary();
61 | parameters.Add("FilePath", filepath);
62 | return api.CallApi("importLogFiles", "action", "ImportModSecurityLogFromFile", parameters);
63 | }
64 |
65 | ///
66 | ///This component is optional and therefore the API will only work if it is installed
67 | ///
68 | ///
69 | public IApiResponse ImportZAPHttpRequestResponsePair(string httprequest, string httpresponse)
70 | {
71 | Dictionary parameters = null;
72 | parameters = new Dictionary();
73 | parameters.Add("HTTPRequest", httprequest);
74 | parameters.Add("HTTPResponse", httpresponse);
75 | return api.CallApi("importLogFiles", "action", "ImportZAPHttpRequestResponsePair", parameters);
76 | }
77 |
78 | ///
79 | ///This component is optional and therefore the API will only work if it is installed
80 | ///
81 | ///
82 | public IApiResponse PostModSecurityAuditEvent(string auditeventstring)
83 | {
84 | Dictionary parameters = null;
85 | parameters = new Dictionary();
86 | parameters.Add("AuditEventString", auditeventstring);
87 | return api.CallApi("importLogFiles", "action", "PostModSecurityAuditEvent", parameters);
88 | }
89 |
90 | ///
91 | ///This component is optional and therefore the API will only work if it is installed
92 | ///
93 | ///
94 | public byte[] OtherPostModSecurityAuditEvent(string auditeventstring)
95 | {
96 | Dictionary parameters = null;
97 | parameters = new Dictionary();
98 | parameters.Add("AuditEventString", auditeventstring);
99 | return api.CallApiOther("importLogFiles", "other", "OtherPostModSecurityAuditEvent", parameters);
100 | }
101 |
102 | }
103 | }
104 |
--------------------------------------------------------------------------------
/src/OWASPZAPDotNetAPI/OWASPZAPDotNetAPI/Generated/Importurls.cs:
--------------------------------------------------------------------------------
1 | /* Zed Attack Proxy (ZAP) and its related class files.
2 | *
3 | * ZAP is an HTTP/HTTPS proxy for assessing web application security.
4 | *
5 | * Copyright 2021 the ZAP development team
6 | *
7 | * Licensed under the Apache License, Version 2.0 (the "License");
8 | * you may not use this file except in compliance with the License.
9 | * You may obtain a copy of the License at
10 | *
11 | * http://www.apache.org/licenses/LICENSE-2.0
12 | *
13 | * Unless required by applicable law or agreed to in writing, software
14 | * distributed under the License is distributed on an "AS IS" BASIS,
15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 | * See the License for the specific language governing permissions and
17 | * limitations under the License.
18 | */
19 |
20 |
21 |
22 | using System;
23 | using System.Collections.Generic;
24 | using System.Text;
25 |
26 |
27 | /*
28 | * This file was automatically generated.
29 | */
30 | namespace OWASPZAPDotNetAPI.Generated
31 | {
32 | public class Importurls
33 | {
34 | private ClientApi api = null;
35 |
36 | public Importurls(ClientApi api)
37 | {
38 | this.api = api;
39 | }
40 |
41 | ///
42 | ///Imports URLs (one per line) from the file with the given file system path.
43 | ///This component is optional and therefore the API will only work if it is installed
44 | ///
45 | ///
46 | public IApiResponse importurls(string filepath)
47 | {
48 | Dictionary parameters = null;
49 | parameters = new Dictionary();
50 | parameters.Add("filePath", filepath);
51 | return api.CallApi("importurls", "action", "importurls", parameters);
52 | }
53 |
54 | }
55 | }
56 |
--------------------------------------------------------------------------------
/src/OWASPZAPDotNetAPI/OWASPZAPDotNetAPI/Generated/LocalProxies.cs:
--------------------------------------------------------------------------------
1 | /* Zed Attack Proxy (ZAP) and its related class files.
2 | *
3 | * ZAP is an HTTP/HTTPS proxy for assessing web application security.
4 | *
5 | * Copyright 2021 the ZAP development team
6 | *
7 | * Licensed under the Apache License, Version 2.0 (the "License");
8 | * you may not use this file except in compliance with the License.
9 | * You may obtain a copy of the License at
10 | *
11 | * http://www.apache.org/licenses/LICENSE-2.0
12 | *
13 | * Unless required by applicable law or agreed to in writing, software
14 | * distributed under the License is distributed on an "AS IS" BASIS,
15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 | * See the License for the specific language governing permissions and
17 | * limitations under the License.
18 | */
19 |
20 |
21 |
22 | using System;
23 | using System.Collections.Generic;
24 | using System.Text;
25 |
26 |
27 | /*
28 | * This file was automatically generated.
29 | */
30 | namespace OWASPZAPDotNetAPI.Generated
31 | {
32 | public class LocalProxies
33 | {
34 | private ClientApi api = null;
35 |
36 | public LocalProxies(ClientApi api)
37 | {
38 | this.api = api;
39 | }
40 |
41 | ///
42 | ///Gets all of the additional proxies that have been configured.
43 | ///
44 | ///
45 | public IApiResponse additionalProxies()
46 | {
47 | Dictionary parameters = null;
48 | return api.CallApi("localProxies", "view", "additionalProxies", parameters);
49 | }
50 |
51 | ///
52 | ///Adds an new proxy using the details supplied.
53 | ///
54 | ///
55 | public IApiResponse addAdditionalProxy(string address, string port, string behindnat, string alwaysdecodezip, string removeunsupportedencodings)
56 | {
57 | Dictionary parameters = null;
58 | parameters = new Dictionary();
59 | parameters.Add("address", address);
60 | parameters.Add("port", port);
61 | parameters.Add("behindNat", behindnat);
62 | parameters.Add("alwaysDecodeZip", alwaysdecodezip);
63 | parameters.Add("removeUnsupportedEncodings", removeunsupportedencodings);
64 | return api.CallApi("localProxies", "action", "addAdditionalProxy", parameters);
65 | }
66 |
67 | ///
68 | ///Removes the additional proxy with the specified address and port.
69 | ///
70 | ///
71 | public IApiResponse removeAdditionalProxy(string address, string port)
72 | {
73 | Dictionary parameters = null;
74 | parameters = new Dictionary();
75 | parameters.Add("address", address);
76 | parameters.Add("port", port);
77 | return api.CallApi("localProxies", "action", "removeAdditionalProxy", parameters);
78 | }
79 |
80 | }
81 | }
82 |
--------------------------------------------------------------------------------
/src/OWASPZAPDotNetAPI/OWASPZAPDotNetAPI/Generated/Openapi.cs:
--------------------------------------------------------------------------------
1 | /* Zed Attack Proxy (ZAP) and its related class files.
2 | *
3 | * ZAP is an HTTP/HTTPS proxy for assessing web application security.
4 | *
5 | * Copyright 2023 the ZAP development team
6 | *
7 | * Licensed under the Apache License, Version 2.0 (the "License");
8 | * you may not use this file except in compliance with the License.
9 | * You may obtain a copy of the License at
10 | *
11 | * http://www.apache.org/licenses/LICENSE-2.0
12 | *
13 | * Unless required by applicable law or agreed to in writing, software
14 | * distributed under the License is distributed on an "AS IS" BASIS,
15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 | * See the License for the specific language governing permissions and
17 | * limitations under the License.
18 | */
19 |
20 |
21 |
22 | using System;
23 | using System.Collections.Generic;
24 | using System.Text;
25 |
26 |
27 | /*
28 | * This file was automatically generated.
29 | */
30 | namespace OWASPZAPDotNetAPI.Generated
31 | {
32 | public class Openapi
33 | {
34 | private ClientApi api = null;
35 |
36 | public Openapi(ClientApi api)
37 | {
38 | this.api = api;
39 | }
40 |
41 | ///
42 | ///Imports an OpenAPI definition from a local file.
43 | ///This component is optional and therefore the API will only work if it is installed
44 | ///
45 | ///
46 | public IApiResponse importFile(string file, string target, string contextid)
47 | {
48 | Dictionary parameters = null;
49 | parameters = new Dictionary();
50 | parameters.Add("file", file);
51 | parameters.Add("target", target);
52 | parameters.Add("contextId", contextid);
53 | return api.CallApi("openapi", "action", "importFile", parameters);
54 | }
55 |
56 | ///
57 | ///Imports an OpenAPI definition from a URL.
58 | ///This component is optional and therefore the API will only work if it is installed
59 | ///
60 | ///
61 | public IApiResponse importUrl(string url, string hostoverride, string contextid)
62 | {
63 | Dictionary parameters = null;
64 | parameters = new Dictionary();
65 | parameters.Add("url", url);
66 | parameters.Add("hostOverride", hostoverride);
67 | parameters.Add("contextId", contextid);
68 | return api.CallApi("openapi", "action", "importUrl", parameters);
69 | }
70 |
71 | }
72 | }
73 |
--------------------------------------------------------------------------------
/src/OWASPZAPDotNetAPI/OWASPZAPDotNetAPI/Generated/Params.cs:
--------------------------------------------------------------------------------
1 | /* Zed Attack Proxy (ZAP) and its related class files.
2 | *
3 | * ZAP is an HTTP/HTTPS proxy for assessing web application security.
4 | *
5 | * Copyright 2023 the ZAP development team
6 | *
7 | * Licensed under the Apache License, Version 2.0 (the "License");
8 | * you may not use this file except in compliance with the License.
9 | * You may obtain a copy of the License at
10 | *
11 | * http://www.apache.org/licenses/LICENSE-2.0
12 | *
13 | * Unless required by applicable law or agreed to in writing, software
14 | * distributed under the License is distributed on an "AS IS" BASIS,
15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 | * See the License for the specific language governing permissions and
17 | * limitations under the License.
18 | */
19 |
20 |
21 |
22 | using System;
23 | using System.Collections.Generic;
24 | using System.Text;
25 |
26 |
27 | /*
28 | * This file was automatically generated.
29 | */
30 | namespace OWASPZAPDotNetAPI.Generated
31 | {
32 | public class Params
33 | {
34 | private ClientApi api = null;
35 |
36 | public Params(ClientApi api)
37 | {
38 | this.api = api;
39 | }
40 |
41 | ///
42 | ///Shows the parameters for the specified site, or for all sites if the site is not specified
43 | ///
44 | ///
45 | public IApiResponse parameters(string site)
46 | {
47 | Dictionary parameters = null;
48 | parameters = new Dictionary();
49 | parameters.Add("site", site);
50 | return api.CallApi("params", "view", "params", parameters);
51 | }
52 |
53 | }
54 | }
55 |
--------------------------------------------------------------------------------
/src/OWASPZAPDotNetAPI/OWASPZAPDotNetAPI/Generated/Pnh.cs:
--------------------------------------------------------------------------------
1 | /* Zed Attack Proxy (ZAP) and its related class files.
2 | *
3 | * ZAP is an HTTP/HTTPS proxy for assessing web application security.
4 | *
5 | * Copyright 2023 the ZAP development team
6 | *
7 | * Licensed under the Apache License, Version 2.0 (the "License");
8 | * you may not use this file except in compliance with the License.
9 | * You may obtain a copy of the License at
10 | *
11 | * http://www.apache.org/licenses/LICENSE-2.0
12 | *
13 | * Unless required by applicable law or agreed to in writing, software
14 | * distributed under the License is distributed on an "AS IS" BASIS,
15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 | * See the License for the specific language governing permissions and
17 | * limitations under the License.
18 | */
19 |
20 |
21 |
22 | using System;
23 | using System.Collections.Generic;
24 | using System.Text;
25 |
26 |
27 | /*
28 | * This file was automatically generated.
29 | */
30 | namespace OWASPZAPDotNetAPI.Generated
31 | {
32 | public class Pnh
33 | {
34 | private ClientApi api = null;
35 |
36 | public Pnh(ClientApi api)
37 | {
38 | this.api = api;
39 | }
40 |
41 | ///
42 | ///This component is optional and therefore the API will only work if it is installed
43 | ///
44 | ///
45 | public IApiResponse monitor(string id, string message)
46 | {
47 | Dictionary parameters = null;
48 | parameters = new Dictionary();
49 | parameters.Add("id", id);
50 | parameters.Add("message", message);
51 | return api.CallApi("pnh", "action", "monitor", parameters);
52 | }
53 |
54 | ///
55 | ///This component is optional and therefore the API will only work if it is installed
56 | ///
57 | ///
58 | public IApiResponse oracle(string id)
59 | {
60 | Dictionary parameters = null;
61 | parameters = new Dictionary();
62 | parameters.Add("id", id);
63 | return api.CallApi("pnh", "action", "oracle", parameters);
64 | }
65 |
66 | ///
67 | ///This component is optional and therefore the API will only work if it is installed
68 | ///
69 | ///
70 | public IApiResponse startMonitoring(string url)
71 | {
72 | Dictionary parameters = null;
73 | parameters = new Dictionary();
74 | parameters.Add("url", url);
75 | return api.CallApi("pnh", "action", "startMonitoring", parameters);
76 | }
77 |
78 | ///
79 | ///This component is optional and therefore the API will only work if it is installed
80 | ///
81 | ///
82 | public IApiResponse stopMonitoring(string id)
83 | {
84 | Dictionary parameters = null;
85 | parameters = new Dictionary();
86 | parameters.Add("id", id);
87 | return api.CallApi("pnh", "action", "stopMonitoring", parameters);
88 | }
89 |
90 | ///
91 | ///This component is optional and therefore the API will only work if it is installed
92 | ///
93 | ///
94 | public byte[] pnh()
95 | {
96 | Dictionary parameters = null;
97 | return api.CallApiOther("pnh", "other", "pnh", parameters);
98 | }
99 |
100 | ///
101 | ///This component is optional and therefore the API will only work if it is installed
102 | ///
103 | ///
104 | public byte[] manifest()
105 | {
106 | Dictionary parameters = null;
107 | return api.CallApiOther("pnh", "other", "manifest", parameters);
108 | }
109 |
110 | ///
111 | ///This component is optional and therefore the API will only work if it is installed
112 | ///
113 | ///
114 | public byte[] service()
115 | {
116 | Dictionary parameters = null;
117 | return api.CallApiOther("pnh", "other", "service", parameters);
118 | }
119 |
120 | ///
121 | ///This component is optional and therefore the API will only work if it is installed
122 | ///
123 | ///
124 | public byte[] fx_pnhxpi()
125 | {
126 | Dictionary parameters = null;
127 | return api.CallApiOther("pnh", "other", "fx_pnh.xpi", parameters);
128 | }
129 |
130 | }
131 | }
132 |
--------------------------------------------------------------------------------
/src/OWASPZAPDotNetAPI/OWASPZAPDotNetAPI/Generated/Pscan.cs:
--------------------------------------------------------------------------------
1 | /* Zed Attack Proxy (ZAP) and its related class files.
2 | *
3 | * ZAP is an HTTP/HTTPS proxy for assessing web application security.
4 | *
5 | * Copyright 2023 the ZAP development team
6 | *
7 | * Licensed under the Apache License, Version 2.0 (the "License");
8 | * you may not use this file except in compliance with the License.
9 | * You may obtain a copy of the License at
10 | *
11 | * http://www.apache.org/licenses/LICENSE-2.0
12 | *
13 | * Unless required by applicable law or agreed to in writing, software
14 | * distributed under the License is distributed on an "AS IS" BASIS,
15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 | * See the License for the specific language governing permissions and
17 | * limitations under the License.
18 | */
19 |
20 |
21 |
22 | using System;
23 | using System.Collections.Generic;
24 | using System.Text;
25 |
26 |
27 | /*
28 | * This file was automatically generated.
29 | */
30 | namespace OWASPZAPDotNetAPI.Generated
31 | {
32 | public class Pscan
33 | {
34 | private ClientApi api = null;
35 |
36 | public Pscan(ClientApi api)
37 | {
38 | this.api = api;
39 | }
40 |
41 | ///
42 | ///Tells whether or not the passive scan should be performed only on messages that are in scope.
43 | ///
44 | ///
45 | public IApiResponse scanOnlyInScope()
46 | {
47 | Dictionary parameters = null;
48 | return api.CallApi("pscan", "view", "scanOnlyInScope", parameters);
49 | }
50 |
51 | ///
52 | ///The number of records the passive scanner still has to scan
53 | ///
54 | ///
55 | public IApiResponse recordsToScan()
56 | {
57 | Dictionary parameters = null;
58 | return api.CallApi("pscan", "view", "recordsToScan", parameters);
59 | }
60 |
61 | ///
62 | ///Lists all passive scan rules with their ID, name, enabled state, and alert threshold.
63 | ///
64 | ///
65 | public IApiResponse scanners()
66 | {
67 | Dictionary parameters = null;
68 | return api.CallApi("pscan", "view", "scanners", parameters);
69 | }
70 |
71 | ///
72 | ///Show information about the passive scan rule currently being run (if any).
73 | /// [Obsolete] Use the currentTasks view instead.
74 | ///
75 | ///
76 | [Obsolete("Use the currentTasks view instead.")]
77 | public IApiResponse currentRule()
78 | {
79 | Dictionary parameters = null;
80 | return api.CallApi("pscan", "view", "currentRule", parameters);
81 | }
82 |
83 | ///
84 | ///Show information about the passive scan tasks currently being run (if any).
85 | ///
86 | ///
87 | public IApiResponse currentTasks()
88 | {
89 | Dictionary parameters = null;
90 | return api.CallApi("pscan", "view", "currentTasks", parameters);
91 | }
92 |
93 | ///
94 | ///Gets the maximum number of alerts a passive scan rule should raise.
95 | ///
96 | ///
97 | public IApiResponse maxAlertsPerRule()
98 | {
99 | Dictionary parameters = null;
100 | return api.CallApi("pscan", "view", "maxAlertsPerRule", parameters);
101 | }
102 |
103 | ///
104 | ///Sets whether or not the passive scanning is enabled (Note: the enabled state is not persisted).
105 | ///
106 | ///
107 | public IApiResponse setEnabled(string enabled)
108 | {
109 | Dictionary parameters = null;
110 | parameters = new Dictionary();
111 | parameters.Add("enabled", enabled);
112 | return api.CallApi("pscan", "action", "setEnabled", parameters);
113 | }
114 |
115 | ///
116 | ///Sets whether or not the passive scan should be performed only on messages that are in scope.
117 | ///
118 | ///
119 | public IApiResponse setScanOnlyInScope(string onlyinscope)
120 | {
121 | Dictionary parameters = null;
122 | parameters = new Dictionary();
123 | parameters.Add("onlyInScope", onlyinscope);
124 | return api.CallApi("pscan", "action", "setScanOnlyInScope", parameters);
125 | }
126 |
127 | ///
128 | ///Enables all passive scan rules
129 | ///
130 | ///
131 | public IApiResponse enableAllScanners()
132 | {
133 | Dictionary parameters = null;
134 | return api.CallApi("pscan", "action", "enableAllScanners", parameters);
135 | }
136 |
137 | ///
138 | ///Disables all passive scan rules
139 | ///
140 | ///
141 | public IApiResponse disableAllScanners()
142 | {
143 | Dictionary parameters = null;
144 | return api.CallApi("pscan", "action", "disableAllScanners", parameters);
145 | }
146 |
147 | ///
148 | ///Enables all passive scan rules with the given IDs (comma separated list of IDs)
149 | ///
150 | ///
151 | public IApiResponse enableScanners(string ids)
152 | {
153 | Dictionary parameters = null;
154 | parameters = new Dictionary();
155 | parameters.Add("ids", ids);
156 | return api.CallApi("pscan", "action", "enableScanners", parameters);
157 | }
158 |
159 | ///
160 | ///Disables all passive scan rules with the given IDs (comma separated list of IDs)
161 | ///
162 | ///
163 | public IApiResponse disableScanners(string ids)
164 | {
165 | Dictionary parameters = null;
166 | parameters = new Dictionary();
167 | parameters.Add("ids", ids);
168 | return api.CallApi("pscan", "action", "disableScanners", parameters);
169 | }
170 |
171 | ///
172 | ///Sets the alert threshold of the passive scan rule with the given ID, accepted values for alert threshold: OFF, DEFAULT, LOW, MEDIUM and HIGH
173 | ///
174 | ///
175 | public IApiResponse setScannerAlertThreshold(string id, string alertthreshold)
176 | {
177 | Dictionary parameters = null;
178 | parameters = new Dictionary();
179 | parameters.Add("id", id);
180 | parameters.Add("alertThreshold", alertthreshold);
181 | return api.CallApi("pscan", "action", "setScannerAlertThreshold", parameters);
182 | }
183 |
184 | ///
185 | ///Sets the maximum number of alerts a passive scan rule should raise.
186 | ///
187 | ///
188 | public IApiResponse setMaxAlertsPerRule(string maxalerts)
189 | {
190 | Dictionary parameters = null;
191 | parameters = new Dictionary();
192 | parameters.Add("maxAlerts", maxalerts);
193 | return api.CallApi("pscan", "action", "setMaxAlertsPerRule", parameters);
194 | }
195 |
196 | ///
197 | ///Disables all passive scan tags.
198 | ///
199 | ///
200 | public IApiResponse disableAllTags()
201 | {
202 | Dictionary parameters = null;
203 | return api.CallApi("pscan", "action", "disableAllTags", parameters);
204 | }
205 |
206 | ///
207 | ///Enables all passive scan tags.
208 | ///
209 | ///
210 | public IApiResponse enableAllTags()
211 | {
212 | Dictionary parameters = null;
213 | return api.CallApi("pscan", "action", "enableAllTags", parameters);
214 | }
215 |
216 | ///
217 | ///Clears the passive scan queue.
218 | ///
219 | ///
220 | public IApiResponse clearQueue()
221 | {
222 | Dictionary parameters = null;
223 | return api.CallApi("pscan", "action", "clearQueue", parameters);
224 | }
225 |
226 | }
227 | }
228 |
--------------------------------------------------------------------------------
/src/OWASPZAPDotNetAPI/OWASPZAPDotNetAPI/Generated/Replacer.cs:
--------------------------------------------------------------------------------
1 | /* Zed Attack Proxy (ZAP) and its related class files.
2 | *
3 | * ZAP is an HTTP/HTTPS proxy for assessing web application security.
4 | *
5 | * Copyright 2023 the ZAP development team
6 | *
7 | * Licensed under the Apache License, Version 2.0 (the "License");
8 | * you may not use this file except in compliance with the License.
9 | * You may obtain a copy of the License at
10 | *
11 | * http://www.apache.org/licenses/LICENSE-2.0
12 | *
13 | * Unless required by applicable law or agreed to in writing, software
14 | * distributed under the License is distributed on an "AS IS" BASIS,
15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 | * See the License for the specific language governing permissions and
17 | * limitations under the License.
18 | */
19 |
20 |
21 |
22 | using System;
23 | using System.Collections.Generic;
24 | using System.Text;
25 |
26 |
27 | /*
28 | * This file was automatically generated.
29 | */
30 | namespace OWASPZAPDotNetAPI.Generated
31 | {
32 | public class Replacer
33 | {
34 | private ClientApi api = null;
35 |
36 | public Replacer(ClientApi api)
37 | {
38 | this.api = api;
39 | }
40 |
41 | ///
42 | ///Returns full details of all of the rules
43 | ///This component is optional and therefore the API will only work if it is installed
44 | ///
45 | ///
46 | public IApiResponse rules()
47 | {
48 | Dictionary parameters = null;
49 | return api.CallApi("replacer", "view", "rules", parameters);
50 | }
51 |
52 | ///
53 | ///Adds a replacer rule. For the parameters: desc is a user friendly description, enabled is true or false, matchType is one of [REQ_HEADER, REQ_HEADER_STR, REQ_BODY_STR, RESP_HEADER, RESP_HEADER_STR, RESP_BODY_STR], matchRegex should be true if the matchString should be treated as a regex otherwise false, matchString is the string that will be matched against, replacement is the replacement string, initiators may be blank (for all initiators) or a comma separated list of integers as defined in HttpSender
54 | ///This component is optional and therefore the API will only work if it is installed
55 | ///
56 | ///
57 | public IApiResponse addRule(string description, string enabled, string matchtype, string matchregex, string matchstring, string replacement, string initiators, string url)
58 | {
59 | Dictionary parameters = null;
60 | parameters = new Dictionary();
61 | parameters.Add("description", description);
62 | parameters.Add("enabled", enabled);
63 | parameters.Add("matchType", matchtype);
64 | parameters.Add("matchRegex", matchregex);
65 | parameters.Add("matchString", matchstring);
66 | parameters.Add("replacement", replacement);
67 | parameters.Add("initiators", initiators);
68 | parameters.Add("url", url);
69 | return api.CallApi("replacer", "action", "addRule", parameters);
70 | }
71 |
72 | ///
73 | ///Removes the rule with the given description
74 | ///This component is optional and therefore the API will only work if it is installed
75 | ///
76 | ///
77 | public IApiResponse removeRule(string description)
78 | {
79 | Dictionary parameters = null;
80 | parameters = new Dictionary();
81 | parameters.Add("description", description);
82 | return api.CallApi("replacer", "action", "removeRule", parameters);
83 | }
84 |
85 | ///
86 | ///Enables or disables the rule with the given description based on the bool parameter
87 | ///This component is optional and therefore the API will only work if it is installed
88 | ///
89 | ///
90 | public IApiResponse setEnabled(string description, string boolean)
91 | {
92 | Dictionary parameters = null;
93 | parameters = new Dictionary();
94 | parameters.Add("description", description);
95 | parameters.Add("bool", boolean);
96 | return api.CallApi("replacer", "action", "setEnabled", parameters);
97 | }
98 |
99 | }
100 | }
101 |
--------------------------------------------------------------------------------
/src/OWASPZAPDotNetAPI/OWASPZAPDotNetAPI/Generated/Reports.cs:
--------------------------------------------------------------------------------
1 | /* Zed Attack Proxy (ZAP) and its related class files.
2 | *
3 | * ZAP is an HTTP/HTTPS proxy for assessing web application security.
4 | *
5 | * Copyright 2023 the ZAP development team
6 | *
7 | * Licensed under the Apache License, Version 2.0 (the "License");
8 | * you may not use this file except in compliance with the License.
9 | * You may obtain a copy of the License at
10 | *
11 | * http://www.apache.org/licenses/LICENSE-2.0
12 | *
13 | * Unless required by applicable law or agreed to in writing, software
14 | * distributed under the License is distributed on an "AS IS" BASIS,
15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 | * See the License for the specific language governing permissions and
17 | * limitations under the License.
18 | */
19 |
20 |
21 |
22 | using System;
23 | using System.Collections.Generic;
24 | using System.Text;
25 |
26 |
27 | /*
28 | * This file was automatically generated.
29 | */
30 | namespace OWASPZAPDotNetAPI.Generated
31 | {
32 | public class Reports
33 | {
34 | private ClientApi api = null;
35 |
36 | public Reports(ClientApi api)
37 | {
38 | this.api = api;
39 | }
40 |
41 | ///
42 | ///View available templates.
43 | ///This component is optional and therefore the API will only work if it is installed
44 | ///
45 | ///
46 | public IApiResponse templates()
47 | {
48 | Dictionary parameters = null;
49 | return api.CallApi("reports", "view", "templates", parameters);
50 | }
51 |
52 | ///
53 | ///View details of the specified template.
54 | ///This component is optional and therefore the API will only work if it is installed
55 | ///
56 | ///
57 | public IApiResponse templateDetails(string template)
58 | {
59 | Dictionary parameters = null;
60 | parameters = new Dictionary();
61 | parameters.Add("template", template);
62 | return api.CallApi("reports", "view", "templateDetails", parameters);
63 | }
64 |
65 | ///
66 | ///Generate a report with the supplied parameters.
67 | ///This component is optional and therefore the API will only work if it is installed
68 | ///
69 | ///
70 | public IApiResponse generate(string title, string template, string theme, string description, string contexts, string sites, string sections, string includedconfidences, string includedrisks, string reportfilename, string reportfilenamepattern, string reportdir, string display)
71 | {
72 | Dictionary parameters = null;
73 | parameters = new Dictionary();
74 | parameters.Add("title", title);
75 | parameters.Add("template", template);
76 | parameters.Add("theme", theme);
77 | parameters.Add("description", description);
78 | parameters.Add("contexts", contexts);
79 | parameters.Add("sites", sites);
80 | parameters.Add("sections", sections);
81 | parameters.Add("includedConfidences", includedconfidences);
82 | parameters.Add("includedRisks", includedrisks);
83 | parameters.Add("reportFileName", reportfilename);
84 | parameters.Add("reportFileNamePattern", reportfilenamepattern);
85 | parameters.Add("reportDir", reportdir);
86 | parameters.Add("display", display);
87 | return api.CallApi("reports", "action", "generate", parameters);
88 | }
89 |
90 | }
91 | }
92 |
--------------------------------------------------------------------------------
/src/OWASPZAPDotNetAPI/OWASPZAPDotNetAPI/Generated/Retest.cs:
--------------------------------------------------------------------------------
1 | /* Zed Attack Proxy (ZAP) and its related class files.
2 | *
3 | * ZAP is an HTTP/HTTPS proxy for assessing web application security.
4 | *
5 | * Copyright 2023 the ZAP development team
6 | *
7 | * Licensed under the Apache License, Version 2.0 (the "License");
8 | * you may not use this file except in compliance with the License.
9 | * You may obtain a copy of the License at
10 | *
11 | * http://www.apache.org/licenses/LICENSE-2.0
12 | *
13 | * Unless required by applicable law or agreed to in writing, software
14 | * distributed under the License is distributed on an "AS IS" BASIS,
15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 | * See the License for the specific language governing permissions and
17 | * limitations under the License.
18 | */
19 |
20 |
21 |
22 | using System;
23 | using System.Collections.Generic;
24 | using System.Text;
25 |
26 |
27 | /*
28 | * This file was automatically generated.
29 | */
30 | namespace OWASPZAPDotNetAPI.Generated
31 | {
32 | public class Retest
33 | {
34 | private ClientApi api = null;
35 |
36 | public Retest(ClientApi api)
37 | {
38 | this.api = api;
39 | }
40 |
41 | ///
42 | ///This component is optional and therefore the API will only work if it is installed
43 | ///
44 | ///
45 | public IApiResponse retest(string alertids)
46 | {
47 | Dictionary parameters = null;
48 | parameters = new Dictionary();
49 | parameters.Add("alertIds", alertids);
50 | return api.CallApi("retest", "action", "retest", parameters);
51 | }
52 |
53 | }
54 | }
55 |
--------------------------------------------------------------------------------
/src/OWASPZAPDotNetAPI/OWASPZAPDotNetAPI/Generated/Reveal.cs:
--------------------------------------------------------------------------------
1 | /* Zed Attack Proxy (ZAP) and its related class files.
2 | *
3 | * ZAP is an HTTP/HTTPS proxy for assessing web application security.
4 | *
5 | * Copyright 2023 the ZAP development team
6 | *
7 | * Licensed under the Apache License, Version 2.0 (the "License");
8 | * you may not use this file except in compliance with the License.
9 | * You may obtain a copy of the License at
10 | *
11 | * http://www.apache.org/licenses/LICENSE-2.0
12 | *
13 | * Unless required by applicable law or agreed to in writing, software
14 | * distributed under the License is distributed on an "AS IS" BASIS,
15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 | * See the License for the specific language governing permissions and
17 | * limitations under the License.
18 | */
19 |
20 |
21 |
22 | using System;
23 | using System.Collections.Generic;
24 | using System.Text;
25 |
26 |
27 | /*
28 | * This file was automatically generated.
29 | */
30 | namespace OWASPZAPDotNetAPI.Generated
31 | {
32 | public class Reveal
33 | {
34 | private ClientApi api = null;
35 |
36 | public Reveal(ClientApi api)
37 | {
38 | this.api = api;
39 | }
40 |
41 | ///
42 | ///Tells if shows hidden fields and enables disabled fields
43 | ///This component is optional and therefore the API will only work if it is installed
44 | ///
45 | ///
46 | public IApiResponse reveal()
47 | {
48 | Dictionary parameters = null;
49 | return api.CallApi("reveal", "view", "reveal", parameters);
50 | }
51 |
52 | ///
53 | ///Sets if shows hidden fields and enables disabled fields
54 | ///This component is optional and therefore the API will only work if it is installed
55 | ///
56 | ///
57 | public IApiResponse setReveal(string reveal)
58 | {
59 | Dictionary parameters = null;
60 | parameters = new Dictionary();
61 | parameters.Add("reveal", reveal);
62 | return api.CallApi("reveal", "action", "setReveal", parameters);
63 | }
64 |
65 | }
66 | }
67 |
--------------------------------------------------------------------------------
/src/OWASPZAPDotNetAPI/OWASPZAPDotNetAPI/Generated/Revisit.cs:
--------------------------------------------------------------------------------
1 | /* Zed Attack Proxy (ZAP) and its related class files.
2 | *
3 | * ZAP is an HTTP/HTTPS proxy for assessing web application security.
4 | *
5 | * Copyright 2023 the ZAP development team
6 | *
7 | * Licensed under the Apache License, Version 2.0 (the "License");
8 | * you may not use this file except in compliance with the License.
9 | * You may obtain a copy of the License at
10 | *
11 | * http://www.apache.org/licenses/LICENSE-2.0
12 | *
13 | * Unless required by applicable law or agreed to in writing, software
14 | * distributed under the License is distributed on an "AS IS" BASIS,
15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 | * See the License for the specific language governing permissions and
17 | * limitations under the License.
18 | */
19 |
20 |
21 |
22 | using System;
23 | using System.Collections.Generic;
24 | using System.Text;
25 |
26 |
27 | /*
28 | * This file was automatically generated.
29 | */
30 | namespace OWASPZAPDotNetAPI.Generated
31 | {
32 | public class Revisit
33 | {
34 | private ClientApi api = null;
35 |
36 | public Revisit(ClientApi api)
37 | {
38 | this.api = api;
39 | }
40 |
41 | ///
42 | ///This component is optional and therefore the API will only work if it is installed
43 | ///
44 | ///
45 | public IApiResponse revisitList()
46 | {
47 | Dictionary parameters = null;
48 | return api.CallApi("revisit", "view", "revisitList", parameters);
49 | }
50 |
51 | ///
52 | ///This component is optional and therefore the API will only work if it is installed
53 | ///
54 | ///
55 | public IApiResponse revisitSiteOn(string site, string starttime, string endtime)
56 | {
57 | Dictionary parameters = null;
58 | parameters = new Dictionary();
59 | parameters.Add("site", site);
60 | parameters.Add("startTime", starttime);
61 | parameters.Add("endTime", endtime);
62 | return api.CallApi("revisit", "action", "revisitSiteOn", parameters);
63 | }
64 |
65 | ///
66 | ///This component is optional and therefore the API will only work if it is installed
67 | ///
68 | ///
69 | public IApiResponse revisitSiteOff(string site)
70 | {
71 | Dictionary parameters = null;
72 | parameters = new Dictionary();
73 | parameters.Add("site", site);
74 | return api.CallApi("revisit", "action", "revisitSiteOff", parameters);
75 | }
76 |
77 | }
78 | }
79 |
--------------------------------------------------------------------------------
/src/OWASPZAPDotNetAPI/OWASPZAPDotNetAPI/Generated/RuleConfig.cs:
--------------------------------------------------------------------------------
1 | /* Zed Attack Proxy (ZAP) and its related class files.
2 | *
3 | * ZAP is an HTTP/HTTPS proxy for assessing web application security.
4 | *
5 | * Copyright 2023 the ZAP development team
6 | *
7 | * Licensed under the Apache License, Version 2.0 (the "License");
8 | * you may not use this file except in compliance with the License.
9 | * You may obtain a copy of the License at
10 | *
11 | * http://www.apache.org/licenses/LICENSE-2.0
12 | *
13 | * Unless required by applicable law or agreed to in writing, software
14 | * distributed under the License is distributed on an "AS IS" BASIS,
15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 | * See the License for the specific language governing permissions and
17 | * limitations under the License.
18 | */
19 |
20 |
21 |
22 | using System;
23 | using System.Collections.Generic;
24 | using System.Text;
25 |
26 |
27 | /*
28 | * This file was automatically generated.
29 | */
30 | namespace OWASPZAPDotNetAPI.Generated
31 | {
32 | public class RuleConfig
33 | {
34 | private ClientApi api = null;
35 |
36 | public RuleConfig(ClientApi api)
37 | {
38 | this.api = api;
39 | }
40 |
41 | ///
42 | ///Show the specified rule configuration
43 | ///
44 | ///
45 | public IApiResponse ruleConfigValue(string key)
46 | {
47 | Dictionary parameters = null;
48 | parameters = new Dictionary();
49 | parameters.Add("key", key);
50 | return api.CallApi("ruleConfig", "view", "ruleConfigValue", parameters);
51 | }
52 |
53 | ///
54 | ///Show all of the rule configurations
55 | ///
56 | ///
57 | public IApiResponse allRuleConfigs()
58 | {
59 | Dictionary parameters = null;
60 | return api.CallApi("ruleConfig", "view", "allRuleConfigs", parameters);
61 | }
62 |
63 | ///
64 | ///Reset the specified rule configuration, which must already exist
65 | ///
66 | ///
67 | public IApiResponse resetRuleConfigValue(string key)
68 | {
69 | Dictionary parameters = null;
70 | parameters = new Dictionary();
71 | parameters.Add("key", key);
72 | return api.CallApi("ruleConfig", "action", "resetRuleConfigValue", parameters);
73 | }
74 |
75 | ///
76 | ///Reset all of the rule configurations
77 | ///
78 | ///
79 | public IApiResponse resetAllRuleConfigValues()
80 | {
81 | Dictionary parameters = null;
82 | return api.CallApi("ruleConfig", "action", "resetAllRuleConfigValues", parameters);
83 | }
84 |
85 | ///
86 | ///Set the specified rule configuration, which must already exist
87 | ///
88 | ///
89 | public IApiResponse setRuleConfigValue(string key, string value)
90 | {
91 | Dictionary parameters = null;
92 | parameters = new Dictionary();
93 | parameters.Add("key", key);
94 | parameters.Add("value", value);
95 | return api.CallApi("ruleConfig", "action", "setRuleConfigValue", parameters);
96 | }
97 |
98 | }
99 | }
100 |
--------------------------------------------------------------------------------
/src/OWASPZAPDotNetAPI/OWASPZAPDotNetAPI/Generated/Search.cs:
--------------------------------------------------------------------------------
1 | /* Zed Attack Proxy (ZAP) and its related class files.
2 | *
3 | * ZAP is an HTTP/HTTPS proxy for assessing web application security.
4 | *
5 | * Copyright 2023 the ZAP development team
6 | *
7 | * Licensed under the Apache License, Version 2.0 (the "License");
8 | * you may not use this file except in compliance with the License.
9 | * You may obtain a copy of the License at
10 | *
11 | * http://www.apache.org/licenses/LICENSE-2.0
12 | *
13 | * Unless required by applicable law or agreed to in writing, software
14 | * distributed under the License is distributed on an "AS IS" BASIS,
15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 | * See the License for the specific language governing permissions and
17 | * limitations under the License.
18 | */
19 |
20 |
21 |
22 | using System;
23 | using System.Collections.Generic;
24 | using System.Text;
25 |
26 |
27 | /*
28 | * This file was automatically generated.
29 | */
30 | namespace OWASPZAPDotNetAPI.Generated
31 | {
32 | public class Search
33 | {
34 | private ClientApi api = null;
35 |
36 | public Search(ClientApi api)
37 | {
38 | this.api = api;
39 | }
40 |
41 | ///
42 | ///Returns the URLs of the HTTP messages that match the given regular expression in the URL optionally filtered by URL and paginated with 'start' position and 'count' of messages.
43 | ///
44 | ///
45 | public IApiResponse urlsByUrlRegex(string regex, string baseurl, string start, string count)
46 | {
47 | Dictionary parameters = null;
48 | parameters = new Dictionary();
49 | parameters.Add("regex", regex);
50 | parameters.Add("baseurl", baseurl);
51 | parameters.Add("start", start);
52 | parameters.Add("count", count);
53 | return api.CallApi("search", "view", "urlsByUrlRegex", parameters);
54 | }
55 |
56 | ///
57 | ///Returns the URLs of the HTTP messages that match the given regular expression in the request optionally filtered by URL and paginated with 'start' position and 'count' of messages.
58 | ///
59 | ///
60 | public IApiResponse urlsByRequestRegex(string regex, string baseurl, string start, string count)
61 | {
62 | Dictionary parameters = null;
63 | parameters = new Dictionary();
64 | parameters.Add("regex", regex);
65 | parameters.Add("baseurl", baseurl);
66 | parameters.Add("start", start);
67 | parameters.Add("count", count);
68 | return api.CallApi("search", "view", "urlsByRequestRegex", parameters);
69 | }
70 |
71 | ///
72 | ///Returns the URLs of the HTTP messages that match the given regular expression in the response optionally filtered by URL and paginated with 'start' position and 'count' of messages.
73 | ///
74 | ///
75 | public IApiResponse urlsByResponseRegex(string regex, string baseurl, string start, string count)
76 | {
77 | Dictionary parameters = null;
78 | parameters = new Dictionary();
79 | parameters.Add("regex", regex);
80 | parameters.Add("baseurl", baseurl);
81 | parameters.Add("start", start);
82 | parameters.Add("count", count);
83 | return api.CallApi("search", "view", "urlsByResponseRegex", parameters);
84 | }
85 |
86 | ///
87 | ///Returns the URLs of the HTTP messages that match the given regular expression in the header(s) optionally filtered by URL and paginated with 'start' position and 'count' of messages.
88 | ///
89 | ///
90 | public IApiResponse urlsByHeaderRegex(string regex, string baseurl, string start, string count)
91 | {
92 | Dictionary parameters = null;
93 | parameters = new Dictionary();
94 | parameters.Add("regex", regex);
95 | parameters.Add("baseurl", baseurl);
96 | parameters.Add("start", start);
97 | parameters.Add("count", count);
98 | return api.CallApi("search", "view", "urlsByHeaderRegex", parameters);
99 | }
100 |
101 | ///