Last active
December 20, 2015 13:29
-
-
Save yeukhon/6138782 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from flask import Flask | |
| app = Flask(__name__) | |
| @app.route('/') | |
| def hello_world(): | |
| print "hit base url" | |
| return """\ | |
| <html><body><a href="http://localhost:1234/path1">path1</a><a href="http://localhost:1234/path2">path2</a></body></html>""" | |
| @app.route('/path1') | |
| def path1(): | |
| print 'hit path 1' | |
| return "Hello World!!" | |
| @app.route("/path2") | |
| def path2(): | |
| print 'hit path2' | |
| return "okay" | |
| if __name__ == '__main__': | |
| app.run(port=1234) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from zapv2 import ZAPv2 as zap | |
| import time | |
| target = 'http://localhost:1234/' | |
| z = zap(proxies={'http': 'http://127.0.0.1:9999'}) | |
| z.urlopen(target) | |
| time.sleep(5) | |
| print 'start..' | |
| # comment this out to test spider exclusion below | |
| z.core.exclude_from_proxy('\Q%s\E' % target + 'path1') | |
| #z.spider.exclude_from_scan('\Q%s\E' % target + 'path1') | |
| z.spider.scan(target) | |
| #z.ascan.scan(target) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment