Skip to content

Commit

Permalink
More AF Plan examples
Browse files Browse the repository at this point in the history
Signed-off-by: Simon Bennetts <[email protected]>
  • Loading branch information
psiinon committed Feb 6, 2024
1 parent 3793897 commit f8746a4
Show file tree
Hide file tree
Showing 3 changed files with 88 additions and 0 deletions.
4 changes: 4 additions & 0 deletions other/CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,10 @@ All notable changes to the 'other' section of this repository will be documented

The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).

### 2024-02-06
- Added af-plans/FullScanBrokenCrystals.yaml
- Added af-plans/ScriptEnvVarAccess.yaml

### 2024-01-16
- Introduced this changelog
- Added af-plans/FullScanExample.yaml
Expand Down
61 changes: 61 additions & 0 deletions other/af-plans/FullScanBrokenCrystals.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,61 @@
---
# A simple plan that performs a full unauthenticated scan against brokencrystals.com
# It uses both of the spiders and active scanning.
# The 2 spider tests will fail as they do not find at least 100 URLs,
# but they do not fail the whole plan as they just report at INFO level.
env:
contexts:
- name: "BrokenCrystals"
urls:
- "https://brokencrystals.com/"
includePaths: []
excludePaths: []
parameters:
failOnError: true
failOnWarning: false
progressToStdout: true
vars: {}
jobs:
- parameters:
scanOnlyInScope: true
enableTags: false
rules: []
name: "passiveScan-config"
type: "passiveScan-config"
- parameters: {}
name: "spider"
type: "spider"
tests:
- onFail: "INFO"
statistic: "automation.spider.urls.added"
site: ""
operator: ">="
value: 100
type: "stats"
name: "At least 100 URLs found"
- parameters:
maxDuration: 10
maxCrawlDepth: 10
name: "spiderAjax"
type: "spiderAjax"
tests:
- onFail: "INFO"
statistic: "spiderAjax.urls.added"
site: ""
operator: ">="
value: 100
type: "stats"
name: "At least 100 URLs found"
- parameters: {}
name: "activeScan"
type: "activeScan"
- parameters: {}
name: "passiveScan-wait"
type: "passiveScan-wait"
- parameters:
template: "modern"
reportTitle: "ZAP Scanning Report"
reportDescription: ""
name: "report"
type: "report"

23 changes: 23 additions & 0 deletions other/af-plans/ScriptEnvVarAccess.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,23 @@
---
# This plan show how you can access an env var in a script.
env:
contexts:
- name: "Script EnvVar Example"
urls:
- "https://example.com/"
jobs:
- parameters:
action: "add"
type: "standalone"
engine: "ECMAScript : Graal.js"
name: "print-env-vars.js"
inline: |
print(Java.type("java.lang.System").getenv("PATH"));
name: "script"
type: "script"
- parameters:
action: "run"
type: "standalone"
name: "print-env-vars.js"
name: "script"
type: "script"

0 comments on commit f8746a4

Please sign in to comment.