Merge pull request #103 from thc202/update-apis

Update APIs of add-ons and core

Author: kingthorin

CHANGELOG.md

@@ -3,7 +3,14 @@ All notable changes to this project will be documented in this file.
 
 The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/).
 
-## [Unreleased]
+## [0.3.0] - 2024-05-09
+### Added
+- Add the API of the following add-on:
+  - Custom Payloads version 0.13.0.
+
+### Changed
+- Update core APIs for 2.15.
+
 ### Fixed
 - Return the whole response from `users.get_user_by_id`.
 
@@ -164,7 +171,7 @@ ensure it's automatically sent in all API requests.
 ### Changed
 - Moved from the main `zaproxy` repository.
 
-[Unreleased]: https://github.com/zaproxy/zap-api-python/compare/0.2.0...HEAD
+[0.3.0]: https://github.com/zaproxy/zap-api-python/compare/0.2.0...0.3.0
 [0.2.0]: https://github.com/zaproxy/zap-api-python/compare/0.1.1...0.2.0
 [0.1.1]: https://github.com/zaproxy/zap-api-python/compare/0.1.0...0.1.1
 [0.1.0]: https://github.com/zaproxy/zap-api-python/compare/0.0.22...0.1.0

src/zapv2/ajaxSpider.py

@@ -271,7 +271,7 @@ def set_option_browser_id(self, string, apikey=''):
 
     def set_option_click_default_elems(self, boolean, apikey=''):
         """
-        Sets whether or not the the AJAX Spider will only click on the default HTML elements.
+        Sets whether or not the AJAX Spider will only click on the default HTML elements.
         This component is optional and therefore the API will only work if it is installed
         """
         return six.next(six.itervalues(self.zap._request(self.zap.base + 'ajaxSpider/action/setOptionClickDefaultElems/', {'Boolean': boolean})))

src/zapv2/ascan.py

@@ -240,6 +240,13 @@ def option_allow_attack_on_start(self):
         """
         return six.next(six.itervalues(self.zap._request(self.zap.base + 'ascan/view/optionAllowAttackOnStart/')))
 
+    @property
+    def option_encode_cookie_values(self):
+        """
+        Tells whether or not the active scanner should encode cookie values.
+        """
+        return six.next(six.itervalues(self.zap._request(self.zap.base + 'ascan/view/optionEncodeCookieValues/')))
+
     @property
     def option_inject_plugin_id_in_header(self):
         """
@@ -572,6 +579,12 @@ def set_option_delay_in_ms(self, integer, apikey=''):
         """
         return six.next(six.itervalues(self.zap._request(self.zap.base + 'ascan/action/setOptionDelayInMs/', {'Integer': integer})))
 
+    def set_option_encode_cookie_values(self, boolean, apikey=''):
+        """
+        Sets whether or not the active scanner should encode cookie values.
+        """
+        return six.next(six.itervalues(self.zap._request(self.zap.base + 'ascan/action/setOptionEncodeCookieValues/', {'Boolean': boolean})))
+
     def set_option_handle_anti_csrf_tokens(self, boolean, apikey=''):
         """
         

src/zapv2/core.py

@@ -225,6 +225,15 @@ def number_of_alerts(self, baseurl=None, riskid=None):
             params['riskId'] = riskid
         return six.next(six.itervalues(self.zap._request(self.zap.base + 'core/view/numberOfAlerts/', params)))
 
+    def get_log_level(self, name=None):
+        """
+        The detailed logging config, optionally filtered based on a name (ex: starts with).
+        """
+        params = {}
+        if name is not None:
+            params['name'] = name
+        return six.next(six.itervalues(self.zap._request(self.zap.base + 'core/view/getLogLevel/', params)))
+
     @property
     def option_default_user_agent(self):
         """
@@ -534,6 +543,12 @@ def delete_alert(self, id, apikey=''):
         """
         return six.next(six.itervalues(self.zap._request(self.zap.base + 'core/action/deleteAlert/', {'id': id})))
 
+    def set_log_level(self, name, loglevel, apikey=''):
+        """
+        Sets the logging level for a given logger name.
+        """
+        return six.next(six.itervalues(self.zap._request(self.zap.base + 'core/action/setLogLevel/', {'name': name, 'logLevel': loglevel})))
+
     def set_option_default_user_agent(self, string, apikey=''):
         """
         Sets the user agent that ZAP should use when creating HTTP messages (for example, spider messages or CONNECT requests to outgoing proxy).

src/zapv2/custompayloads.py

@@ -0,0 +1,106 @@
+# Zed Attack Proxy (ZAP) and its related class files.
+#
+# ZAP is an HTTP/HTTPS proxy for assessing web application security.
+#
+# Copyright 2024 the ZAP development team
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+"""
+This file was automatically generated.
+"""
+
+import six
+
+
+class custompayloads(object):
+
+    def __init__(self, zap):
+        self.zap = zap
+
+    @property
+    def custom_payloads_categories(self):
+        """
+        Lists all available categories.
+        This component is optional and therefore the API will only work if it is installed
+        """
+        return six.next(six.itervalues(self.zap._request(self.zap.base + 'custompayloads/view/customPayloadsCategories/')))
+
+    def custom_payloads(self, category=None):
+        """
+        Lists all the payloads currently loaded (category, payload, enabled state). Optionally filtered by category.
+        This component is optional and therefore the API will only work if it is installed
+        """
+        params = {}
+        if category is not None:
+            params['category'] = category
+        return six.next(six.itervalues(self.zap._request(self.zap.base + 'custompayloads/view/customPayloads/', params)))
+
+    def disable_custom_payloads(self, category=None, apikey=''):
+        """
+        Disables payloads for a given category.
+        This component is optional and therefore the API will only work if it is installed
+        """
+        params = {}
+        if category is not None:
+            params['category'] = category
+        return six.next(six.itervalues(self.zap._request(self.zap.base + 'custompayloads/action/disableCustomPayloads/', params)))
+
+    def enable_custom_payloads(self, category=None, apikey=''):
+        """
+        Enables payloads for a given category.
+        This component is optional and therefore the API will only work if it is installed
+        """
+        params = {}
+        if category is not None:
+            params['category'] = category
+        return six.next(six.itervalues(self.zap._request(self.zap.base + 'custompayloads/action/enableCustomPayloads/', params)))
+
+    def remove_custom_payload(self, category, payload=None, apikey=''):
+        """
+        Removes a payload.
+        This component is optional and therefore the API will only work if it is installed
+        """
+        params = {'category': category}
+        if payload is not None:
+            params['payload'] = payload
+        return six.next(six.itervalues(self.zap._request(self.zap.base + 'custompayloads/action/removeCustomPayload/', params)))
+
+    def add_custom_payload(self, category, payload=None, apikey=''):
+        """
+        Adds a new payload.
+        This component is optional and therefore the API will only work if it is installed
+        """
+        params = {'category': category}
+        if payload is not None:
+            params['payload'] = payload
+        return six.next(six.itervalues(self.zap._request(self.zap.base + 'custompayloads/action/addCustomPayload/', params)))
+
+    def enable_custom_payload(self, category, payload=None, apikey=''):
+        """
+        Enables a given payload.
+        This component is optional and therefore the API will only work if it is installed
+        """
+        params = {'category': category}
+        if payload is not None:
+            params['payload'] = payload
+        return six.next(six.itervalues(self.zap._request(self.zap.base + 'custompayloads/action/enableCustomPayload/', params)))
+
+    def disable_custom_payload(self, category, payload=None, apikey=''):
+        """
+        Disables a given payload.
+        This component is optional and therefore the API will only work if it is installed
+        """
+        params = {'category': category}
+        if payload is not None:
+            params['payload'] = payload
+        return six.next(six.itervalues(self.zap._request(self.zap.base + 'custompayloads/action/disableCustomPayload/', params)))

src/zapv2/search.py

@@ -40,6 +40,19 @@ def urls_by_url_regex(self, regex, baseurl=None, start=None, count=None):
             params['count'] = count
         return six.next(six.itervalues(self.zap._request(self.zap.base + 'search/view/urlsByUrlRegex/', params)))
 
+    def urls_by_tag_regex(self, regex, baseurl=None, start=None, count=None):
+        """
+        Returns the URLs of the HTTP messages that match the given regular expression in their history Tags optionally filtered by URL and paginated with 'start' position and 'count' of messages.
+        """
+        params = {'regex': regex}
+        if baseurl is not None:
+            params['baseurl'] = baseurl
+        if start is not None:
+            params['start'] = start
+        if count is not None:
+            params['count'] = count
+        return six.next(six.itervalues(self.zap._request(self.zap.base + 'search/view/urlsByTagRegex/', params)))
+
     def urls_by_request_regex(self, regex, baseurl=None, start=None, count=None):
         """
         Returns the URLs of the HTTP messages that match the given regular expression in the request optionally filtered by URL and paginated with 'start' position and 'count' of messages.
@@ -92,6 +105,19 @@ def messages_by_url_regex(self, regex, baseurl=None, start=None, count=None):
             params['count'] = count
         return six.next(six.itervalues(self.zap._request(self.zap.base + 'search/view/messagesByUrlRegex/', params)))
 
+    def messages_by_tag_regex(self, regex, baseurl=None, start=None, count=None):
+        """
+        Returns the HTTP messages that match the given regular expression in their history Tags optionally filtered by URL and paginated with 'start' position and 'count' of messages.
+        """
+        params = {'regex': regex}
+        if baseurl is not None:
+            params['baseurl'] = baseurl
+        if start is not None:
+            params['start'] = start
+        if count is not None:
+            params['count'] = count
+        return six.next(six.itervalues(self.zap._request(self.zap.base + 'search/view/messagesByTagRegex/', params)))
+
     def messages_by_request_regex(self, regex, baseurl=None, start=None, count=None):
         """
         Returns the HTTP messages that match the given regular expression in the request optionally filtered by URL and paginated with 'start' position and 'count' of messages.
@@ -144,6 +170,19 @@ def har_by_url_regex(self, regex, baseurl=None, start=None, count=None, apikey='
             params['count'] = count
         return (self.zap._request_other(self.zap.base_other + 'search/other/harByUrlRegex/', params))
 
+    def har_by_tag_regex(self, regex, baseurl=None, start=None, count=None, apikey=''):
+        """
+        Returns the HTTP messages, in HAR format, that match the given regular expression in their history Tags optionally filtered by URL and paginated with 'start' position and 'count' of messages.
+        """
+        params = {'regex': regex}
+        if baseurl is not None:
+            params['baseurl'] = baseurl
+        if start is not None:
+            params['start'] = start
+        if count is not None:
+            params['count'] = count
+        return (self.zap._request_other(self.zap.base_other + 'search/other/harByTagRegex/', params))
+
     def har_by_request_regex(self, regex, baseurl=None, start=None, count=None, apikey=''):
         """
         Returns the HTTP messages, in HAR format, that match the given regular expression in the request optionally filtered by URL and paginated with 'start' position and 'count' of messages.

src/zapv2/wappalyzer.py

@@ -30,7 +30,7 @@ def __init__(self, zap):
     @property
     def list_sites(self):
         """
-        Lists all the sites recognized by the wappalyzer addon.
+        Lists all the sites recognized by the Technology Detection add-on.
         This component is optional and therefore the API will only work if it is installed
         """
         return six.next(six.itervalues(self.zap._request(self.zap.base + 'wappalyzer/view/listSites/')))