I have trigger zap with Python API as below:-
Script source:-
https://github.com/zaproxy/zaproxy/wiki/ApiPython
I want an HTML report generated via command line.
I am trying to integrate same with Jenkins. I have found few plug-ins of Owasp in Jenkins but doesn't seem to work as expected.
Any idea, link, tutorials will really help me.
At this URL/API ( http://ZAP-IP:PORT/UI/core/other/htmlreport/) user can get the report.
I havn't found any zap support plug-in so I have wrote selenium webdriver java script to accomplish my task. The code is :-
@Test
public void Report() {
System.setProperty("webdriver.chrome.driver",System.getProperty("user.dir")+"\\src\\lib\\chromedriver.exe");
ChromeOptions chromeOptions = new ChromeOptions();
chromeOptions.addArguments("--start-maximized");
WebDriver driver = new ChromeDriver(chromeOptions);
driver.manage().timeouts().implicitlyWait(30, TimeUnit.SECONDS);
driver.get("http://localhost:8080/UI/core/other/htmlreport");
driver.manage().timeouts().pageLoadTimeout(30, TimeUnit.SECONDS);
driver.findElement(By.id("apikey")).sendKeys("ChangeMe");
driver.findElement(By.id("button")).click();
SimpleDateFormat dateFormatForFoldername = new SimpleDateFormat("yyyy-MM-dd-HH-mm-ss");
Date currentDate = new Date();
String folderDateFormat = dateFormatForFoldername.format(currentDate);
try {
URL oracle = new URL(driver.getCurrentUrl());
BufferedReader in = new BufferedReader(
new InputStreamReader(oracle.openStream()));
BufferedWriter writer = new BufferedWriter(new FileWriter("Reports"+File.separator+"OwaspReport-"+folderDateFormat+".html"));
String inputLine;
while ((inputLine = in.readLine()) != null){
try{
writer.write(inputLine);
}
catch(IOException e){
e.printStackTrace();
return;
}
}
in.close();
writer.close();
driver.quit();
}
catch(Exception ex) {
System.out.println(ex.getMessage());
ex.printStackTrace();
}
}
Note :- change the port in URL as per your zap port and replace the apiKey
Hope it will help you :)