/// <summary>
/// Reconfigures the WebGoat analysis-artifacts file so that only phase 3 and its
/// task 2 (finding filtering by Source/Sink pair) are enabled, then writes the
/// result back to the same file it was loaded from.
/// </summary>
/// <returns>The value of webGoatAnalysisArtifactsFile (the file that was rewritten).</returns>
public string setWebGoatPhaseSettings_example2()
{
    // Load the AnalysisArtifact xml file and start from a state where every phase and task is disabled.
    var artifacts = KAnalysisArtifacts.load(webGoatAnalysisArtifactsFile);
    XUtils_AnalysisWorkflow.setAllPhasesAndTasksValue(artifacts, false);

    // Enable phase #3 and, inside it, task #2 (filter findings).
    artifacts.phase_3.run = true;
    artifacts.phase_3.task2_filterFindings = true;

    // Replace whatever Source/Sink mappings the file carried with the set below.
    var sourceSinkFilters = artifacts.phase_3.task2_sourceSink;
    sourceSinkFilters.Clear();

    // A SourceSink takes three arguments:
    //   - Source
    //   - Sink
    //   - RemoveMatches : when set, findings that matched this Source/Sink pair are
    //                     removed from the next queries.
    // NOTE(review): because matched findings are withheld from later pairs, the order
    // of the entries presumably affects which pair a finding is reported under - confirm.
    // NOTE(review): an empty Source or Sink looks like "match anything" - confirm against SourceSink.
    sourceSinkFilters.Add(new SourceSink("getParameter", "", false));
    sourceSinkFilters.Add(new SourceSink("", "org.apache", true));
    sourceSinkFilters.Add(new SourceSink("getAttribute", "", true));

    // The remaining mappings constrain only the Sink and all set RemoveMatches.
    // A ("get", "set", true) pair used to sit between "log" and "external_caller"; it is left disabled.
    string[] sinkOnlyPatterns =
    {
        "setAttribute",
        "setProperty",
        "sql",
        "print",
        "io",
        "Cookie",
        "exec",
        "log",
        "external_caller"
    };
    foreach (string sinkPattern in sinkOnlyPatterns)
    {
        sourceSinkFilters.Add(new SourceSink("", sinkPattern, true));
    }

    // Persist the modified settings over the original file.
    KAnalysisArtifacts.save((KAnalysisArtifacts)artifacts, webGoatAnalysisArtifactsFile);
    return webGoatAnalysisArtifactsFile;
}
/// <summary>
/// Deletes any existing WebGoat analysis-artifacts file, builds a fresh one from the
/// WebGoat assessment file, saves it, and asserts that the file is present afterwards.
/// </summary>
/// <returns>The value of webGoatAnalysisArtifactsFile (the file that was created).</returns>
public string createWebgoatArtifactsFile()
{
    // Start from a clean slate: remove a file left over from a previous run and verify it is gone.
    File.Delete(webGoatAnalysisArtifactsFile);
    bool staleFilePresent = File.Exists(webGoatAnalysisArtifactsFile);
    Assert.That(!staleFilePresent, "webGoatAnalysisArtifactsFile should not exists at this stage: " + webGoatAnalysisArtifactsFile);

    // The workflow name doubles as the name of the target folder under demoDataFolder.
    string workflow = "webgoat (from O2 Unit test)";
    string outputFolder = Path.Combine(demoDataFolder, workflow);

    // Create the artifacts object from the assessment file, then write it to disk.
    var createdArtifacts = (KAnalysisArtifacts)XUtils_AnalysisWorkflow.createAnalysisArtifact(workflow, webGoatAssessmentFile, outputFolder);
    KAnalysisArtifacts.save(createdArtifacts, webGoatAnalysisArtifactsFile);

    // The save must have produced the file.
    bool fileWritten = File.Exists(webGoatAnalysisArtifactsFile);
    Assert.That(fileWritten, "webGoatAnalysisArtifactsFile was not created: " + webGoatAnalysisArtifactsFile);

    return webGoatAnalysisArtifactsFile;
}