This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
FROM owasp/zap2docker-bare | |
LABEL maintainer="omerlh@gmail.com" | |
ENV ZAP_DIR=/home/zap/.ZAP | |
RUN zap.sh -cmd -addonupdate -addoninstall pscanrulesAlpha -addoninstall pscanrulesBeta -addoninstall pscanrules | |
COPY scripts /home/zap/scripts/ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<script> | |
<scripts> | |
<name>Scan for anonymous requests</name> | |
<description/> | |
<engine>Oracle Nashorn</engine> | |
<type>passive</type> | |
<enabled>true</enabled> | |
<file>/home/zap/scripts/passive/annon-pasv-scanner.js</file> | |
</scripts> | |
</script> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
/** | |
* This script checks whether resources (URLs) are successfully accessed (Status 200 - Ok) | |
* on a request which did not have an authorization header. | |
* | |
* Note: This is a passive script not an active script: As such the Authorization header | |
* is not forcefully removed prior to making the request. This script will only alert if a | |
* request is proxied (or initiated via the spider(s), etc) which does not have an Authorization | |
* header, and subsequently passively scanned. | |
* Source: https://github.com/zaproxy/zaproxy/issues/4602#issuecomment-382106798 | |
*/ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
2018-01-24T19:31:16.711670649Z Function started (Id=7607ee73-9b89-4e49-b62c-203d5a3cd6cc) | |
2018-01-24T19:31:16.992934384Z Executing 'Functions.GitHubWebhookHandler' (Reason='This function was programmatically called via the host APIs.', Id=7607ee73-9b89-4e49-b62c-203d5a3cd6cc) | |
2018-01-24T19:31:17.326583193Z [41m[30mfail[39m[22m[49m: Host.Executor[0] | |
2018-01-24T19:31:17.326695697Z => RequestId:0HLB3C2ACNOII:00000001 RequestPath:/api/GitHubWebhookHandler => System.Collections.Generic.Dictionary`2[System.String,System.Object] => System.Collections.Generic.Dictionary`2[System.String,System.Object] | |
2018-01-24T19:31:17.326797601Z Exception while executing function: Functions.GitHubWebhookHandler. System.Private.CoreLib: One or more errors occurred. (Worker process with pid 35 exited with code 1) (Worker process with pid 55 exited with code 1) (Worker process with pid 68 exited with code 1). Worker process with pid 35 exited with code 1. | |
2018-01-24T19:31:17.348149447Z Exception while executing |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
apiVersion: v1 | |
kind: Secret | |
metadata: | |
name: autoscaler | |
data: | |
azure-sp-app-id: <%= @app_id %> | |
azure-sp-secret: <%= @app_secret %> | |
azure-sp-tenant-id: <Replace wiht your Tenant Id base64 encoded> | |
kubeconfig-private-key: <%= @kubeconfig_private_key %> | |
client-private-key: <%= @client_private_key %> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# Source: oficial ruby docker image | |
set -ex | |
mkdir -p /usr/local/etc \ | |
&& { \ | |
echo 'install: --no-document'; \ | |
echo 'update: --no-document'; \ | |
} >> /usr/local/etc/gemrc |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
2017-08-09T11:38:28.148459764Z Found Java version 1.8.0_111-internal | |
2017-08-09T11:38:28.177835375Z Available memory: 1999 MB | |
2017-08-09T11:38:28.185716651Z Setting jvm heap size: -Xmx499m | |
2017-08-09T11:38:44.816523011Z 5722 [main] INFO org.zaproxy.zap.DaemonBootstrap - OWASP ZAP 2.6.0 started 09/08/17 11:38:44 | |
2017-08-09T11:38:45.788296197Z 6607 [main] INFO org.parosproxy.paros.common.AbstractParam - Setting config api.disablekey = true was null | |
2017-08-09T11:38:45.788336152Z 6607 [main] INFO org.parosproxy.paros.common.AbstractParam - Setting config database.recoverylog = false was null | |
2017-08-09T11:38:45.788348439Z 6608 [main] INFO org.parosproxy.paros.common.AbstractParam - Setting config connection.timeoutInSecs = 120 was null | |
2017-08-09T11:38:45.788358427Z 6608 [main] INFO org.parosproxy.paros.common.AbstractParam - Setting config api.addrs.addr.name = .* was null | |
2017-08-09T11:38:45.788366618Z 6608 [main] INFO org.parosproxy.paros.common.AbstractParam - Setting config api.addrs.addr.regex = true |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<html> | |
<head> | |
<META http-equiv="Content-Type" content="text/html; charset=UTF-8"> | |
<title>ZAP Scanning Report</title> | |
</head> | |
<body text="#000000"> | |
<p> | |
<strong>ZAP Scanning Report</strong> | |
</p> | |
<p> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import com.datatheorem.android.trustkit.TrustKit; | |
import com.datatheorem.android.trustkit.config.PublicKeyPin; | |
import javax.inject.Inject; | |
import okhttp3.CertificatePinner; | |
import okhttp3.OkHttpClient; | |
public class OkHttpCertPin { | |
private final TrustKit mTrustKit; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// | |
// MockURLProtocol.swift | |
// SolutoHome | |
// | |
// Created by Omer Levi Hevroni on 2/23/16. | |
// Copyright © 2016 Soluto. All rights reserved. | |
// | |
import Foundation |