该的Acunetix API让您有机会来实现任务自动化,从而提高效率-尤其是当你可以用加速您的工作流程的其他组件的功能整合。在此示例中,我们将在上一篇文章的基础上,向您展示如何在Bash脚本中使用Acunetix API:使用Bash和Acunetix API管理扫描。我们将代码添加到该Bash脚本中,以实现以下自动化:

Acunetix中: 触发创建导出文件以随后导入到WAF中 监视导出状态,直到完成 下载导出文件 在BigIP ASM中 定义目标 定义安全策略 上载汇出 脚本添加的剖析 脚本添加遵循以下结构:

Acunetix API任务 导出文件的生成被触发 创建一个循环,该循环每10秒检查一次导出文件生成的状态,并等待状态完成 导出文件已下载 WAF API任务 为目标创建一个虚拟服务器 漏洞评估基准的ID是从WAF中检索的 创建Acunetix扫描的安全策略 从WAF检索安全策略的ID 安全策略的扫描程序类型设置为“通用扫描程序” 计算导出文件的大小 导出文件已上传到WAF 导出文件已导入到安全策略中 Bash脚本添加

... previous script above this line
Declare variables for Acunetix
MyTargetIP=getent hosts testphp.vulnweb.com | awk '{ print $1 } ExportTypeID="21111111-1111-1111-1111-111111111113" # F5 BigIP

Declare variables for F5 BigIp
MyTargetDomain=echo "$MyTargetURL" | sed -e 's|^[^/]*//||' -e 's|/.*$||' MyBigIpUser="admin" MyBigIpPass="adminpass123%" MyBigIpHost="192.168.72.128"

MyExportResult=curl -i -sS -k -X POST $MyAXURL/exports -H "Content-Type: application/json" -H "X-Auth: $MyAPIKEY" --data "{\"export_id\":\"$ExportTypeID\",\"source\":{\"list_type\":\"scan_result\",\"id_list\":[\"$MyScanResultID\"]}}"

MyExportElement=echo "$MyExportResult" | grep "Location: " | sed "s/Location: \/api\/v1\/exports\///" | sed "s/\r//g" | sed -z "s/\n//g" MyExportURL=echo "$MyAXURL/exports/$MyExportElement" MyExportID=echo "$MyExportResult" | grep -Po '"report_id": *\K"[^"]*"' | tr -d '"'

while true; do MyExportStatus=curl -sS -k -X GET "$MyAXURL/exports/{$MyExportID}" -H "Accept: application/json" -H "X-Auth: $MyAPIKEY"

if [[ "$MyExportStatus" == *""status": "processing""* ]]; then echo "Export status: Processing - waiting 10 seconds" elif [[ "$MyExportStatus" == *""status": "queued""* ]]; then echo "Export status: Queued - waiting 10 seconds" elif [[ "$MyExportStatus" == *""status": "completed""* ]]; then echo "Export status: Completed" # Break out of loop break else echo "Invalid export status - aborting" # Clean up and exit script cleanup exit 1 fi sleep 10 done

MyExportFile=echo $MyExportStatus | sed 's/.*\[ \"\/api\/v1\/reports\/download\/\([^]]*\)\" \].*/\1/g' echo "Export file: $MyExportFile"

Download export file from Acunetix
Dummy=curl -sS -k "$MyAXURL/reports/download/$MyExportFile" -o $MyExportFile

Create a virtual server for your target
Dummy=curl -sS -k -u $MyBigIpUser:$MyBigIpPass -X POST "https://$MyBigIpHost/mgmt/tm/ltm/virtual" -H "Content-type: application/json" --data '{"name":"MyWebApplication","destination":"'"$MyTargetIP"':80","ipProtocol":"tcp"}' echo "Created a virtual server"

Get the ID of the vulnerability assessment baseline policy
MyBigIpVulnBaselineID=curl -sS -k -u $MyBigIpUser:$MyBigIpPass -X GET "https://$MyBigIpHost/mgmt/tm/asm/policy-templates" -H "Content-type: application/json" | jq -r '.items[] | select(.title == "Vulnerability Assessment Baseline") | .id'

Create a security policy for Acunetix scans
MyBigIpPolicyResponse=curl -sS -k -u $MyBigIpUser:$MyBigIpPass -X POST "https://$MyBigIpHost/mgmt/tm/asm/policies" -H "Content-type: application/json" --data '{"name":"AcunetixPolicy","description":"Import from Acunetix Scan Results","virtualServers":["/Common/MyWebApplication"],"type":"security","enforcementMode":"blocking","templateReference":{"link":"https://$MyBigIpHost/mgmt/tm/asm/policy-templates/'"$MyBigIpVulnBaselineID"'"}}' MyBigIpPolicyID=echo $MyBigIpPolicyResponse | jq -r '.id' echo "Security policy ID: $MyBigIpPolicyID"

Set scanner type to Generic scanner
Dummy=curl -sS -k -u $MyBigIpUser:$MyBigIpPass -X PATCH "https://$MyBigIpHost/mgmt/tm/asm/policies/$MyBigIpPolicyID/vulnerability-assessment" -H "Content-type: application/json" --data '{"scannerType":"generic"}' echo "Scanner type set to Generic scanner"

Get file size
MyExportFileSize=stat --printf="%s" $MyExportFile

Upload the file to the WAF
Dummy=curl -sS -k -u $MyBigIpUser:$MyBigIpPass -X POST "https://$MyBigIpHost/mgmt/tm/asm/file-transfer/uploads/$MyExportFile" -H "Content-type: application/octet-stream" -H "Content-Range: 0-$((MyExportFileSize-1))/$MyExportFileSize" --data-binary @$MyExportFile echo "Acunetix export file uploaded to the WAF"

Import the file into the security policy
Dummy=curl -sS -k -u $MyBigIpUser:$MyBigIpPass -X POST "https://$MyBigIpHost/mgmt/tm/asm/tasks/import-vulnerabilities" -H "Content-type: application/json" --data '{"policyReference":{"link":"https://'"$MyBigIpHost"'/mgmt/tm/asm/policies/'"$MyBigIpPolicyID"'"},"filename":"'"$MyExportFile"'","importAllDomainNames":false,"domainNames":["'"$MyTargetDomain"'"]}' echo "Acunetix export file imported to the security policy"

Get the vulnerabilities collection object
MyVulnerabilities=curl -sS -k -u $MyBigIpUser:$MyBigIpPass -X GET "https://$MyBigIpHost/mgmt/tm/asm/policies/$MyBigIpPolicyID/vulnerabilities" MyVulnerabilitiesItems=echo $MyVulnerabilities | jq '.totalItems' echo "Number of vulnerabilities imported: $MyVulnerabilitiesItems" if [[ $MyVulnerabilitiesItems -eq 0 ]]; then echo "No vulnerabilities imported; exiting" exit 1; fi

echo "$MyVulnerabilitiesItems vulnerabilities imported. You now need to configure resolution parameters for each vulnerability."
————————————————
版权声明:本文为CSDN博主「kevin20182019」的原创文章,遵循CC 4.0 BY-SA版权协议,转载请附上原文出处链接及本声明。
原文链接:https://blog.csdn.net/kevin20182019/article/details/117121273

Acunetix与WAF集成:Acunetix和F5 BigIP ASM的更多相关文章

  1. WAF集成:Acunetix和FortiWeb

    Acunetix API使您有机会自动化任务以提高效率,尤其是在您可以加速与工作流其他组件的集成功能时.在此示例中,我们将在上一篇文章的基础上,向您展示如何在Bash脚本中使用Acunetix API ...

  2. CVE-2020-5902 F5 BIG-IP 远程代码执行漏洞

    CVE-2020-5902 F5 BIG-IP 远程代码执行漏洞复现 漏洞介绍 F5 BIG-IP 是美国 F5 公司的一款集成了网络流量管理.应用程序安全管理.负载均衡等功能的应用交付平台. 近日, ...

  3. F5 BIG-IP 远程代码执行RCE(CVE-2020-5902)复现

    漏洞简介 F5 BIG-IP 是美国``F5公司一款集成流量管理.DNS.出入站规则.web应用防火墙.web网关.负载均衡等功能的应用交付平台. 在F5 BIG-IP产品的流量管理用户页面 (TMU ...

  4. F5 BIG-IP 远程代码执行漏洞环境搭建

    最近F5设备里的远程代码执行漏洞可谓是火爆,漏洞评分10分,所以,我也想搭建下环境复现一下该漏洞 漏洞详情 F5 BIG-IP 是美国F5公司一款集成流量管理.DNS.出入站规则.web应用防火墙.w ...

  5. F5 BIG-IP负载均衡器配置实例与Web管理界面体验

    [文章作者:张宴 本文版本:v1.0 最后修改:2008.05.22 转载请注明出自:http://blog.s135.com/f5_big_ip] 前言:最近一直在对比测试F5 BIG-IP和Cit ...

  6. [转]F5 BIG-IP负载均衡器配置实例与Web管理界面体验

    转载:http://www.zyan.cc/f5_big_ip/ 前言:最近一直在对比测试F5 BIG-IP和Citrix NetScaler负载均衡器的各项性能,于是写下此篇文章,记录F5 BIG- ...

  7. F5 BIG-IP – Useful SNMP oids to monitor

    I have collected some of the most interesting OIDs (in my scenario im using LTM and APM modules) fro ...

  8. 将Acunetix与CircleCI集成

    如果要在DevSecOps中包含Acunetix ,则需要将其与CI / CD系统集成.Acunetix具有针对最受欢迎的CI / CD系统Jenkins的现成集成.但是,您可以使用Acunetix ...

  9. CVE-2020-5902 F5 BIG-IP 远程代码执行RCE

    cve-2020-5902 : RCE:curl -v -k 'https://[F5 Host]/tmui/login.jsp/..;/tmui/locallb/workspace/tmshCmd. ...

随机推荐

  1. Python+Selenium自动化-设置浏览器大小、刷新页面、前进和后退

    Python+Selenium自动化-设置浏览器大小.刷新页面.前进和后退   1.设置浏览器大小 maximize_window():设置浏览器大小为全屏 set_window_size(500,5 ...

  2. CVPR2020论文点评: AdderNet(加法网络)

    CVPR2020论文点评: AdderNet(加法网络) 论文原文链接:https://arxiv.org/pdf/1912.13200.pdf 源码链接:https://github.com/hua ...

  3. 简化可视SLAM应用程序的开发

    简化可视SLAM应用程序的开发 Easing the development of visual SLAM applications 同步定位和映射(SLAM)描述了一个设备(如机器人)使用传感器数据 ...

  4. 源码简析Spring-Integration执行过程

    一,前言 Spring-Integration基于Spring,在应用程序中启用了轻量级消息传递,并支持通过声明式适配器与外部系统集成.这一段官网的介绍,概况了整个Integration的用途.个人感 ...

  5. 我的QT学习路线(目前)

    qt基础->qt事件->qt绘图->qt文件IO->qt网络通信->qt多线程->qt数据库操作.

  6. Docker系列——Grafana+Prometheus+Node-exporter钉钉推送(四)

    近期搭建的服务器监控平台,来进行一个总结.主要分为监控平台的搭建.告警中心的配置以及消息的推送.推送的话,支持多种终端.具体详细可查看之前的博文,在这里罗列下,方便查看. Docker系列--Graf ...

  7. 【VBA】最大行,最大列

    最大行: Range("B" & Cells.Rows.Count).End(xlUp).Row 最大列 colu = Range("XFD2").En ...

  8. PTA4题学习总结

    前言: 这是我20多年以来第一次写博客了,还是在学校里那可(牛)爱(逼)的Java老师的安(逼)慰(迫)下,含泪写下第一篇博客,大家应该都明白这种含泪写下的佳(废)作(品)是多么的动人的. 就不开玩笑 ...

  9. 2020年11月CKA新题考试心得体会

    1 什么是CKA CKA,即Certificated Kubernetes Administrator,CNCF官方提供的Kubernetes技能认证,含金量还是不错的.还有CKAD,相对简单一些,没 ...

  10. 深入了解Debug和Release的区别

    原文地址:https://blog.csdn.net/sky___ice/article/details/8993885 一: Bin 目录用来存放编译的结果,bin是二进制binrary的英文缩写, ...