Is there a way to check how scan and fuzz commands work at backend in ZAP? - zap

We have a requirement to know how commands work at the backend when triggered via the OWASP ZAP Tool.
This will help for data visualizing & interaction with ZAP and UI.
For example:
Commands like 'active scan'
In the ZAP Tool we select the required site and click on the 'Active Scan' action.
The active scan happens and the result appears in the history tab.
Now the requirement is to visualize how the commands interact in the background when the user clicks on 'Active Scan' from the ZAP tool.
How does it read the request, process the data and generate the result back in the ZAP tool?
Similarly for passive scan and fuzzing.

The code is all Open Source. Please refer to the two primary repositories:
Core: https://github.com/zaproxy/zaproxy
Extensions: https://github.com/zaproxy/zap-extensions

Also see https://www.zaproxy.org/tags/hacking/ and if you have specific questions then it's best to add them on the ZAP Dev Group.

Related

Automating web page population

I have data in a csv file & want to do the following with it:
Log into web site
Populate field of the page with the csv data
Navigate to next page
Input the rest of data
Click submit
Repeat for next line
I can do this using UiPath but it's an expensive option for a relatively simple use case.
Does anyone have any suggestions on how to do this using a different method?
Thanks,
EddieT
If you're looking for alternatives then you probably would want to investigate APIs or Webhooks. But that all depends on the access rights you have for that particular website.
Try messaging the Developers of the website you need as they might have this service already available.
UiPath may appear expensive but if you calculate the amount of time saved for this one process then you will see the money savings too.
If you can find a couple of other processes you want to automate then I'd highly recommend it.

How to run flow with minimal configuration in mosaic

I'm developing some ETL jobs using Mosaic Decisions. While running the job, it's submitting the job to Spark using the default configurations. This default configuration is really huge and I don't need that much for development (as I am using a smaller number of records for unit testing during development).
Is there a way I can instruct Mosaic to use less Spark resources for my development? So that I won't unnecessarily block the resources of the cluster?
Yes, it is possible to achieve that. To do so, you will have to create a new run configuration with the desired resource configuration from the Manager persona (LTI Mosaic Manager). Then, simply execute the flow with the newly created run configuration.
Follow the steps below to create a new run configuration:
Log in to Mosaic Decisions and on the top right corner, click on Projects, and then on Manager.
In Mosaic Manager, click on the Runconfig tab in the left navigation panel.
Click on Add New Configuration. Provide the desired configurations and click Save.
Go back to Mosaic Decisions, and execute the desired flow with the newly created run configuration.

Unable to create new Test Plan in VSTS

For the past day, the 'New Test Plan' button has been missing from our VSTS UI inside the Test-Test Plans area. I also can't find anywhere else in VSTS giving the option to create a new test plan. (I'm sure there used to be a few places, but they were obvious, and now missing)
Could it be anything to do with star symbol showing in the UI after ' Test Plans* ', like some changes need saving somewhere before new test plans can be added? In which case, what changes should I be looking for to save?
Generally Test plan creation is limited to users subscribed to Test Manager extension or VS/MSDN subscribers.
Basic license users can only run tests. You need a valid Visual Studio subscription (Enterprise, Test Professional or MSDN Platforms) or Test Manager license ($52 monthly): https://marketplace.visualstudio.com/items?itemName=ms.vss-testmanager-web to create test plans.
See this thread : Can't add a new test plan
So please check if you have the license to create the test plan, and for a paid extension you must assign that extension to users who need access, so they can start using that extension's capabilities. Please see Assign paid extension access to users
Whatever, I can reproduce the issue on my side, seems it's an issue with the preview feature.
As a workaround you can create the Test Plan with MTM (Microsoft Test Manager) or REST API (Test Plans - Create). Both work for me, but the test plan will not display immediately after creating it, you may need to wait for several minutes to sync it.

Automating Sequence of Manual Steps

I have a sequence of steps that a user does, e.g. logging on to a remote UNIX shell, creation of files/directories, changing permissions, running remote shell scripts and commands, file deletion, file movements,
running DB queries and, based on the query results, performing certain tasks such as exporting the results to a file or running further shell commands/scripts or DB insert statements, etc.
By doing these steps, users achieve different processes or data processing and validation.
What is the best way to automate the above scenario? Should we go for a workflow tool like Activiti etc., or is there a better framework/way to achieve the requirements?
My requirement is to work with Open-source, and possibly Java based.
I am completely new to this so any help pointers would be appreciated.
The scenario you describe is certainly possible with a workflow tool like Activiti. Apache Camel or Spring Integration would be another possibility (as all the steps you mention are automatic system tasks).
A workflow framework would be a good option if you need one of these:
you want to store the history data for 'audit purposes': who did what/when/how long did it take.
you want to visually model your steps, perhaps to discuss it with business people.
there is a need for human interaction between some of the steps
Your description reminds me of a software/account provisioning process.
There are a large number of provisioning tools on the market, both Open Source and otherwise (Dell Crowbar is one option).
However, a couple of the comments you made in your response to Joram indicate a more general purpose tool such as Activiti may be an option:
"Swivel Chair" tasks - User tasks that may one day be automated
Visual model of process state
Most provisioning tools don't allow for generic user tasks and don't provide a (good) visual model of the process state.
However, they generally include remote script execution which would need to be cobbled together as a service task if using a BPM tool.
I would certainly expand my research to include provisioning tools as they sound like a better fit, however if you can't find anything that works for you, a BPM platform provides a generic framework to build what you need.

User emulation - Browser automation

I have a website where users should every day perform the following tasks:
Log in with user/password
Select from a filter the date of the day
Click on a link that will let them download a csv file that they will import in a database.
Of course I can't change the website, but I would like to automate this.
I'm testing Selenium, but I should set up a complete environment to create a scalable import process where I can launch several processes together.
My idea is to setup a server that will:
emulate a browser
log into this website
perform the actions, including select, click and wait instructions
save the csv stream into a file
import into a SQL DB
What would be a good framework or service to start?
Thanks for your time
This should be a good place to read.