feat(peerdb): management via api
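--- a/knowledge base/owasp zap.md
+++ b/knowledge base/owasp zap.md
@@ -0,0 +1,77 @@
+# Zed Attack Proxy
+
+Widely used free and open source web app scanner.
+
+Helps automatically find security vulnerabilities in web applications.
+
+1. [TL;DR](#tldr)
+1. [Further readings](#further-readings)
+1. [Sources](#sources)
+
+## TL;DR
+
+<details>
+<summary>Setup</summary>
+
+```sh
+docker pull 'zaproxy/zap-stable' # or 'ghcr.io/zaproxy/zaproxy:stable'
+```
+
+</details>
+
+<details>
+<summary>Usage</summary>
+
+```sh
+# Get a shell in the container.
+docker run --rm --name 'zap' -ti 'zaproxy/zap-stable'
+
+# Start the Web UI.
+docker run --rm --name 'web-ui' -d -u 'zap' -p '8080:8080' -p '8090:8090' 'zaproxy/zap-stable' zap-webswing.sh \
+&& open 'http://localhost:8080/zap/'
+
+# Start API scans.
+docker run --rm --name 'api-scan' 'zaproxy/zap-stable' zap-api-scan.py -t 'http://localhost:3000/api/v1/' -f 'openapi'
+```
+
+</details>
+
+<!-- Uncomment if used
+<details>
+<summary>Real world use cases</summary>
+
+```sh
+```
+
+</details>
+-->
+
+## Further readings
+
+- [Website]
+- [Codebase]
+
+### Sources
+
+- [Documentation]
+
+<!--
+Reference
+═╬═Time══
+-->
+
+<!-- In-article sections -->
+<!-- Knowledge base -->
+<!-- Files -->
+<!-- Upstream -->
+[codebase]: https://github.com/zaproxy/zaproxy
+[documentation]: https://www.zaproxy.org/docs/
+[website]: https://www.zaproxy.org/
+
+<!--
+https://www.zaproxy.org/docs/docker/about/
+https://www.zaproxy.org/docs/docker/api-scan/
+https://www.zaproxy.org/docs/docker/webswing/
+-->
+
+<!-- Others -->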
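--- a/snippets/peerdb.fish
+++ b/snippets/peerdb.fish
@@ -0,0 +1,68 @@
+#!/usr/bin/env fish
+
+# List peers
+curl -fsS --url 'http://localhost:3000/api/v1/peers/list' \
+-H "Authorization: Basic $(gopass show -o 'peerdb/instance' | xargs printf '%s' ':' | base64)"
+
+# Create peers
+# postgres: peer.type=3|'POSTGRES' + postgres_config={…}
+# clickhouse: peer.type=8 + clickhouse_config={…}
+# kafka: peer.type=9 + kafka_config={…}
+curl -fsS --url 'http://localhost:3000/api/v1/peers/create' -X 'POST' \
+-H 'Content-Type: application/json' \
+-H "Authorization: Basic $(gopass show -o 'peerdb/instance' | xargs printf '%s' ':' | base64)" \
+-d "{
+\"peer\": {
+\"name\": \"some_pg_peer\",
+\"type\": \"POSTGRES\",
+\"postgres_config\": {
+\"host\": \"localhost\",
+\"port\": 5432,
+\"user\": \"peerdb\",
+\"password\": \"$(gopass show -o 'peerdb/db-user')\",
+\"database\": \"sales\"
+}
+}
+}"
+
+# Update peers
+# Reuse the command for creation but add 'allow_update: true' to the data
+curl -fsS --url 'http://localhost:3000/api/v1/peers/create' -X 'POST' … \
+-d "{
+\"peer\": { … },
+allow_update: true
+}"
+
+# List mirrors
+curl -fsS --url 'http://localhost:3000/api/v1/mirrors/list' \
+-H "Authorization: Basic $(gopass show -o 'peerdb/instance' | xargs printf '%s' ':' | base64)" \
+| jq '.mirrors[]' -
+
+# Get mirrors' status
+curl -fsS 'http://localhost:3000/api/v1/mirrors/status' -X 'POST' \
+-H 'Content-Type: application/json' \
+-H "Authorization: Basic $(gopass show -o 'peerdb/instance' | xargs printf '%s' ':' | base64)" \
+-d '{ "flowJobName": "testing_bq_2" }'
+
+# Get mirrors' configuration
+curl -fsS 'http://localhost:3000/api/v1/mirrors/status' -X 'POST' \
+-H 'Content-Type: application/json' \
+-H "Authorization: Basic $(gopass show -o 'peerdb/instance' | xargs printf '%s' ':' | base64)" \
+-d '{
+"flowJobName": "testing_bq_2",
+"includeFlowInfo": true
+}' \
+| jq '.cdcStatus.config' -
+
+# Show alerts' configuration
+curl -fsS --url 'http://localhost:3000/api/v1/alerts/config' \
+-H "Authorization: Basic $(gopass show -o 'peerdb/instance' | xargs printf '%s' ':' | base64)" \
+| jq '.configs[]' -
+
+# Others
+curl -fsS 'http://localhost:3000/api/v1/dynamic_settings' \
+-H "Authorization: Basic $(gopass show -o 'peerdb/instance' | xargs printf '%s' ':' | base64)" \
+| jq '.settings[]' -
+curl -fsS --url 'http://localhost:3000/api/v1/scripts/-1' \
+-H "Authorization: Basic $(gopass show -o 'peerdb/instance' | xargs printf '%s' ':' | base64)" \
+| jq '.scripts[]' -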
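Review bot: The 'Create peers' request splices the database password directly into the JSON body (`\"password\": \"$(gopass show -o 'peerdb/db-user')\"`), so a secret containing `"` or `\` yields a malformed or differently structured payload, and the body travels in curl's argument list, where it is visible in the process list while the command runs. Since jq is already used in this file, the body could be built from stdin and sent with `-d @-`, e.g. `gopass show -o 'peerdb/db-user' | jq -R '{peer: {…, postgres_config: {…, password: .}}}' | curl … -d @-`. The `xargs printf '%s' ':'` step in every Authorization header has a related weakness: xargs interprets whitespace, quotes and backslashes in its input, so an instance password containing them is altered before encoding; `printf ':%s' (gopass show -o 'peerdb/instance') | base64` avoids that. In the 'Update peers' example the key is unquoted; it should read `\"allow_update\": true` to be valid JSON.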