private static void PrintAlertsToConsole()
{
List <Alert> alerts = _api.GetAlerts(_target, 0, 0);
foreach (var alert in alerts)
{
Console.WriteLine(alert.AlertMessage
+ Environment.NewLine
+ alert.CWEId
+ Environment.NewLine
+ alert.Url
+ Environment.NewLine
+ alert.WASCId
+ Environment.NewLine
+ alert.Evidence
+ Environment.NewLine
+ alert.Parameter
+ Environment.NewLine
);
}
}
public string GetSecurityScanResult(string risk, string confidence, int minutes)
{
string result = "SUCCESS";
int polls = 0;
int MAX_SCAN_MINUTES = minutes;
int progress;
try
{
log.Info("Get Scan Result: " + scanURL);
while (true)
{
progress = int.Parse(((ApiResponseElement)zapClientAPI.ascan.status(scanid)).Value);
log.Info("Active Scan progress : " + progress + "%");
if (progress >= 100 || polls++ > MAX_SCAN_MINUTES * 2)
{
break;
}
System.Threading.Thread.Sleep(30000);
}
log.Info("Active Scan complete");
log.Info("Alerts");
List <Alert> filtered = new List <Alert>();
foreach (Alert alert in zapClientAPI.GetAlerts(scanURL, 0, 1000, "LOW")) // GetAlerts(scanURL, 0, 1000))
{
if (string.Equals(confidence, "medium", StringComparison.OrdinalIgnoreCase))
{
if (alert.Confidence == Alert.ConfidenceLevel.High || alert.Confidence == Alert.ConfidenceLevel.Medium)
{
filtered.Add(alert);
}
else
if (alert.Confidence == Alert.ConfidenceLevel.High)
{
filtered.Add(alert);
}
}
}
foreach (Alert falert in filtered)
{
if ((string.Equals(risk, "medium", StringComparison.OrdinalIgnoreCase) && falert.Risk == Alert.RiskLevel.Medium) || falert.Risk == Alert.RiskLevel.High)
{
result = "FAIL";
log.Info("Name: " + falert.AlertMessage);
log.Info("Descipt: " + falert.Description);
log.Info("Solution: " + falert.Solution);
log.Info("--------------");
}
}
// clean up
//api.context.removeContext("CS");
}
catch (Exception e)
{
log.Error("Exception : " + e.Message);
}
log.Info(result);
return(result);
}
