Merge pull request #14 from psiinon/master

kingthorin · web-flow · commit a14dd3b6d48a · 2017-03-31T04:57:35.000-04:00
Added simple example and changed wiki link
diff --git a/README.md b/README.md
@@ -17,7 +17,7 @@ The latest released version can be downloaded from the [https://pypi.python.org/
 
 For help using OWASP ZAP API refer to:
   * [Examples](https://github.com/zaproxy/zap-api-python/tree/master/src/examples) - collection of examples using the library;
-  * [Wiki](https://github.com/zaproxy/zaproxy/wiki/ApiPython)
+  * [Wiki](https://github.com/zaproxy/zaproxy/wiki/ApiDetails)
   * [OWASP ZAP User Group](https://groups.google.com/group/zaproxy-users) - for asking questions;
   * IRC: irc.mozilla.org #websectools (eg [using Mibbit](http://chat.mibbit.com/?server=irc.mozilla.org%3A%2B6697&channel=%23websectools)) - chat with core ZAP developers (European office hours usually best)
   
diff --git a/src/examples/basic-spider-scan.py b/src/examples/basic-spider-scan.py
@@ -0,0 +1,52 @@
+#!/usr/bin/env python
+# A basic ZAP Python API example which spiders and scans a target URL
+
+import time
+from pprint import pprint
+from zapv2 import ZAPv2
+
+target = 'http://127.0.0.1'
+apikey = 'changeme' # Change to match the API key set in ZAP, or use None if the API key is disabled
+#
+# By default ZAP API client will connect to port 8080
+zap = ZAPv2(apikey=apikey)
+# Use the line below if ZAP is not listening on port 8080, for example, if listening on port 8090
+# zap = ZAPv2(apikey=apikey, proxies={'http': 'http://127.0.0.1:8090', 'https': 'http://127.0.0.1:8090'})
+
+# Proxy a request to the target so that ZAP has something to deal with
+print 'Accessing target %s' % target
+zap.urlopen(target)
+# Give the sites tree a chance to get updated
+time.sleep(2)
+
+print 'Spidering target %s' % target
+scanid = zap.spider.scan(target)
+# Give the Spider a chance to start
+time.sleep(2)
+while (int(zap.spider.status(scanid)) < 100):
+    # Loop until the spider has finished
+    print 'Spider progress %: ' + zap.spider.status(scanid)
+    time.sleep(2)
+
+print 'Spider completed'
+
+while (int(zap.pscan.records_to_scan) > 0):
+      print ('Records to passive scan : ' + zap.pscan.records_to_scan)
+      time.sleep(2)
+
+print 'Passive Scan completed'
+
+print 'Active Scanning target %s' % target
+scanid = zap.ascan.scan(target)
+while (int(zap.ascan.status(scanid)) < 100):
+    # Loop until the scanner has finished
+    print 'Scan progress %: ' + zap.ascan.status(scanid)
+    time.sleep(5)
+
+print 'Active Scan completed'
+
+# Report the results
+
+print 'Hosts: ' + ', '.join(zap.core.hosts)
+print 'Alerts: '
+pprint (zap.core.alerts())
