I have a problem while running the scan on ZAP.
In our application they use some encryption for password at the time of application.
enter image description here
when i run the scan in ZAP password is not getting encrypted.refer below screenshot.
enter image description here
how can we use the algorithm in zap which we are using in our application
If some one can help me on this soon it will be greate
thank you
Related
Is there any way to run OWASP zap in CMD mode?
I have selenium scripts it opens the browser and runs.
When running it auto record all the requests to Zap (already completed).
Now I need to run the OWASP zap zed using Jenkins or using selenium.
Is there any way to do this?
Change the standard mode to attack mode and execute the attack, then email the HTML report.
Yes there is! You can use the zap CLI for that. The CLI let you start an active scan and get the report. There is also the base line scan that is bundled in the docker image, and you can always use the API directly. Each one of these approaches can let you achieve what you want - besides sending an email. This can be done (I hope) with Jenkins.
I've tried to research this topic and found resources like selenium, but I'm not entirely sure how to do what I need.
Basically here is the workflow:
A user completes a form on our website
The form inputs get emailed to me
I login to the related database system online (it's always the same) to produce the necessary report based on there request.
I then print a PDF version of the report and email it back to them with our email template (customized based on some of their inputs on the website)
Is there a way to automate this? Maybe even run it on a server so users can get the reports even when my computer is off?
Any help would be great!
Thanks.
If you are not able to use API of the resource which gives you PDF file...
I'd go like this:
Configure Jenkins CI on a server.
When a user completes a form - send HTTP POST request to Jenkins CI for building parametrized job (using data from user).
Jenkins job runs the Selenium tests to get desired PDF file.
Using Jenkins email notification plugin send customized email with PDF file from previous step.
When I attempt to upload a virtual appliance to Bluemix, my session expires causing the upload to fail. The appliance image is stored on my local machine and I follow the following process, having first logged into Bluemix:
From the Dashboard, I select 'Run Virtual Machines', which opens the 'Create a Virtual Machine' page. Then, I select 'Upload image' in the right-hand frame. I select ISO as the image format, then click the 'Browse' button and select the appliance ISO from my local disk.
Then I click 'Upload' and the upload begins. After a period of time, during the upload, the following message appears:
'Your session has expired, click OK to refresh the page and renew it. You might be asked to login if necessary'.
At this point the upload is terminated.
How do I resolve the issue of my session expiring part-way through the upload? Is there a robust method for uploading virtual machine images to Bluemix?
probably your iso image is too big to be uploaded using your network speed, the browser session ends before your upload is finished.
I think about two options available for you:
open two different browser tabs/windows, use the first one to upload your image and use the second one to keep manually your session not expired (simply navigating on bluemix dashboard): not really useful, especially for a very long upload...
instead of uploading your image from local, you can upload your image from an external URL (the second value on the combo box 'How to upload'
if you downloaded your ISO previously, you can simply use on Bluemix dashboard the same URL used to download it locally; if you have your own image locally only, you should upload it on the web (on a shared hosting for example) and then use the URL pointing to your uploaded ISO to download it to Bluemix
You can use glance CLI (which are a set of python scripts) to upload images. Please refer to http://docs.openstack.org/user-guide/common/cli_install_openstack_command_line_clients.html for installation instructions on the platform of your choice.
You can also check this tutorial which shows step-by-step instructions on how to install the CLI clients.
https://www.mirantis.com/blog/mirantis-openstack-express-installing-openstack-cli-clients/
Though the UI calls the same from under the covers, you will at least reduce the overhead of the UI.
How to auto fill the user name and password in the pop up using selenium in Linux(Ubuntu)
I am using selenium web driver to perform the automation tests for a web application. When I give the URL to the browser it immediately pop ups asking for username and password which I actually want to automate from the script. (This I want to do for Linux platform not for Windows)
I've never done it with Linux, but I'm assuming its the same. Instead of typing url.com/otherstuff/, do username:password#url.com/otherstuff/
I am creating a Windows Form program that will change specific settings on a newly imaged PC. All of the PCs will be running Windows7 and they are not on any domain. What I need to be able to do is change or remove the password hint for the local account on this PC. If the password hint cannot be changed without changing the password that is OK.
I have code that changes the password but unfortunately it does not change or remove the password hint. I have searched Google and there does not seem to be anything on how to do this.