const jUnitBuilder = require('junit-report-builder');
const fetch = require('node-fetch');
const header = require('basic-auth-header');
const sleep = require('sleep-promise');
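// Root of the Netsparker Cloud REST API (v1.0); every request below is sent to this host.
const NETSPARKER_API_BASE = 'https://www.netsparkercloud.com/api/1.0';

// Scan states from which a scan can no longer reach "Complete"; polling stops on these.
const FAILED_SCAN_STATES = ['Failed', 'Cancelled'];

/**
 * Small client for launching a Netsparker Cloud scan from a saved profile,
 * polling it, and turning the findings into a JUnit report.
 *
 * Every request carries an HTTP Basic `Authorization` header built from the
 * user id and API token, so instances hold a live credential: keep them out
 * of logs and serialized state.
 */
class Netsparker {
  /**
   * @param {string} userid - API user id (Basic auth user name).
   * @param {string} apitoken - API token (Basic auth password).
   * @param {string} profilename - Name of the scan profile to launch.
   * @param {string} targetsite - URI of the site to scan.
   */
  constructor(userid, apitoken, profilename, targetsite) {
    this.userid = userid;
    this.apitoken = apitoken;
    this.profilename = profilename;
    this.targetsite = targetsite;
  }

  /**
   * Starts a new scan with the configured profile and target.
   *
   * @returns {Promise<*>} The `Id` field of the API response.
   * @throws {Error} On a non-2xx response (message is status text plus response
   *   body) or when the response carries no `Id`.
   */
  async scan() {
    const response = await fetch(`${NETSPARKER_API_BASE}/scans/newwithprofile`, {
      method: 'POST',
      // Serialize with JSON.stringify instead of string interpolation: a quote or
      // backslash in the profile name or target URI would otherwise break the
      // payload or let the value add its own JSON keys.
      body: JSON.stringify({
        ProfileName: this.profilename,
        TargetUri: this.targetsite,
      }),
      headers: {
        'Content-Type': 'application/json',
        'Accept': 'application/json',
        'Authorization': header(this.userid, this.apitoken),
      },
    });

    // The body is read before the status check so it can be included in the error.
    // NOTE(review): that error text may end up in CI logs; confirm the API never
    // echoes anything sensitive in error bodies.
    const body = await response.text();
    if (!response.ok) {
      throw new Error(`${response.statusText} - ${body}`);
    }

    const scanId = JSON.parse(body).Id;
    if (scanId == null) {
      // Without an Id every later call would poll ".../status/undefined".
      throw new Error('Netsparker response did not contain a scan Id');
    }
    return scanId;
  }

  /**
   * Fetches the current status record of a scan.
   *
   * @param {string} scanId - Id returned by {@link Netsparker#scan}.
   * @returns {Promise<Object>} Parsed JSON status object.
   * @throws {Error} On a non-2xx response (message is the status text).
   */
  async scanStatus(scanId) {
    // encodeURIComponent keeps the id inside its own path segment.
    const url = `${NETSPARKER_API_BASE}/scans/status/${encodeURIComponent(scanId)}`;
    const response = await fetch(url, {
      method: 'GET',
      headers: {
        'Accept': 'application/json',
        'Authorization': header(this.userid, this.apitoken),
      },
    });
    if (!response.ok) {
      throw new Error(response.statusText);
    }
    return JSON.parse(await response.text());
  }

  /**
   * Polls the scan status every five seconds until the scan is complete,
   * logging progress (or the estimated launch time) on each round.
   *
   * @param {string} scanId - Id of the scan to wait for.
   * @returns {Promise<void>} Resolves once the state is "Complete".
   * @throws {Error} When the scan ends in a failed or cancelled state, or when
   *   a status request fails.
   */
  async waitForScanToComplete(scanId) {
    for (;;) {
      const status = await this.scanStatus(scanId);
      if (status.State === 'Complete') {
        return;
      }
      if (FAILED_SCAN_STATES.includes(status.State)) {
        // Without this check a failed or cancelled scan would be polled forever
        // and hang the pipeline instead of failing it.
        throw new Error(`Scan ${scanId} ended in state ${status.State}`);
      }

      // `== null` deliberately matches both null and undefined.
      if (status.EstimatedLaunchTime == null) {
        console.log(`Scan running - ${status.CompletedSteps}/${status.EstimatedSteps} complete`);
      } else {
        console.log(`Scan estimated start time - ${status.EstimatedLaunchTime}`);
      }
      await sleep(5000);
    }
  }

  /**
   * Fetches the findings of a scan.
   *
   * @param {string} scanId - Id of the scan.
   * @returns {Promise<*>} Parsed JSON result payload.
   * @throws {Error} On a non-2xx response (message is the status text).
   */
  async scanResults(scanId) {
    const url = `${NETSPARKER_API_BASE}/scans/result/${encodeURIComponent(scanId)}`;
    const response = await fetch(url, {
      method: 'GET',
      headers: {
        'Accept': 'application/json',
        'Authorization': header(this.userid, this.apitoken),
      },
    });
    if (!response.ok) {
      throw new Error(response.statusText);
    }
    return JSON.parse(await response.text());
  }

  /**
   * Downloads a scan report with response data excluded.
   *
   * The response is always parsed as JSON, so a `format` that makes the API
   * return anything else will surface as a JSON parse error.
   *
   * @param {string} scanId - Id of the scan.
   * @param {string} type - Report type, passed through as the `type` query parameter.
   * @param {string} format - Report format, passed through as the `format` query parameter.
   * @returns {Promise<*>} Parsed JSON report.
   * @throws {Error} On a non-2xx response (message is the status text).
   */
  async scanReport(scanId, type, format) {
    // Each value is percent-encoded so that it cannot append or override query
    // parameters; parameter order matches the original request.
    const query = [
      'excludeResponseData=true',
      `format=${encodeURIComponent(format)}`,
      `id=${encodeURIComponent(scanId)}`,
      `type=${encodeURIComponent(type)}`,
    ].join('&');
    const response = await fetch(`${NETSPARKER_API_BASE}/scans/report/?${query}`, {
      method: 'GET',
      headers: {
        'Authorization': header(this.userid, this.apitoken),
      },
    });
    if (!response.ok) {
      throw new Error(response.statusText);
    }
    return JSON.parse(await response.text());
  }

  /**
   * Writes a JUnit XML report in which every finding becomes one failed test
   * case inside a suite named "NetsparkerSuite".
   *
   * @param {Array<Object>} scanResults - Findings; `Type`, `Title` and `IssueUrl` are read from each.
   * @param {string} junitFile - Path of the report file to write.
   */
  createJunitTestReport(scanResults, junitFile) {
    // NOTE(review): the suite is registered on the module-level builder, so
    // repeated calls presumably accumulate suites in the written file - confirm.
    const suite = jUnitBuilder.testSuite().name('NetsparkerSuite');
    for (const finding of scanResults) {
      suite.testCase()
        .className(finding.Type)
        .name(finding.Title)
        .standardOutput(finding.IssueUrl)
        .failure();
    }
    jUnitBuilder.writeTo(junitFile);
  }
}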
// CommonJS export: requiring this file yields the Netsparker class itself.
module.exports = Netsparker