Skip to content

Commit 14be788

Browse files
kingthorinkingthorin
committed
Added testfire AF plan
Signed-off-by: kingthorin <kingthorin@users.noreply.github.com>
1 parent 9ac326b commit 14be788

File tree

2 files changed

+63
-0
lines changed

2 files changed

+63
-0
lines changed

other/CHANGELOG.md

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -3,6 +3,9 @@ All notable changes to the 'other' section of this repository will be documented
33

44
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
55

6+
### 2025-10-06
7+
- Added af-plans/FullScanTestfireAuth.yaml
8+
69
### 2025-10-03
710
- Added af-plans/FullScanCrApiAuth.yaml and more import job examples to af-plans/ApiScanExample.yaml
811
- Changed auth AF plans to use seconds instead of requests for pollUnits.

other/af-plans/FullScanTestfireAuth.yaml

Lines changed: 60 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,60 @@
1+
---
2+
# A simple plan for performing an authenticated scan against Testfire (AltoroJ).
3+
#
4+
env:
5+
contexts:
6+
- name: testfire
7+
urls:
8+
- http://testfire.net
9+
includePaths:
10+
- http://testfire.net.*
11+
- https://testfire.net.*
12+
authentication:
13+
method: browser
14+
parameters:
15+
loginPageUrl: http://testfire.net/login.jsp
16+
browserId: firefox-headless
17+
loginPageWait: 2
18+
verification:
19+
method: poll
20+
loggedInRegex: \Q 200 OK\E
21+
loggedOutRegex: \Q 302 Found\E
22+
pollFrequency: 60
23+
pollUnits: seconds
24+
pollUrl: http://testfire.net/bank/main.jsp
25+
pollPostData: ""
26+
sessionManagement:
27+
method: headers
28+
users:
29+
- name: jsmith
30+
credentials:
31+
password: demo1234
32+
username: jsmith
33+
parameters: {}
34+
jobs:
35+
- type: openapi
36+
parameters:
37+
apiUrl: https://testfire.net/swagger/properties.json
38+
context: testfire
39+
user: jsmith
40+
- type: spider
41+
parameters:
42+
context: testfire
43+
user: jsmith
44+
url: http://testfire.net
45+
- type: passiveScan-wait
46+
parameters: {}
47+
- type: activeScan
48+
parameters:
49+
context: testfire
50+
user: jsmith
51+
policy:
52+
policyDefinition:
53+
defaultStrength: medium
54+
defaultThreshold: medium
55+
- parameters:
56+
template: "modern"
57+
reportTitle: "ZAP Scanning Report"
58+
reportDescription: ""
59+
name: "report"
60+
type: "report"

0 commit comments

Comments
 (0)