intruxxer / zaproxy

Automatically exported from code.google.com/p/zaproxy
0 stars 0 forks source link

Import ModSecurity logs #432

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
Enhancement request to import ModSecurity logs, as per 
https://github.com/SpiderLabs/ModSecurity/wiki/ModSecurity-2-Data-Formats

So ZAP should load data from such logs into the Sites tree and passively scan 
the data as if it had been obtained from the proxy.

It should NOT make any requests as part of the import process, but can make 
user initiated requests, eg active scanning, fuzzing etc.

It should be possible to import the files via the UI and the REST API.

Original issue reported on code.google.com by psii...@gmail.com on 10 Dec 2012 at 4:05

GoogleCodeExporter commented 9 years ago

Original comment by psii...@gmail.com on 29 Dec 2012 at 6:14

GoogleCodeExporter commented 9 years ago
Also being tracked on Bugzilla: 
https://bugzilla.mozilla.org/show_bug.cgi?id=825445

Original comment by psii...@gmail.com on 30 Dec 2012 at 10:15

GoogleCodeExporter commented 9 years ago
Any updates to this Issue?  This would really help ZAP to have a better SITE 
tree of resources.

Original comment by RCBarn...@gmail.com on 31 Jan 2014 at 5:13

GoogleCodeExporter commented 9 years ago
This seems like a great endeavor. Is anyone still working on it.

If the requester or owner do not update this issue by 20140719 it may be closed 
or re-assigned.

Original comment by kingtho...@gmail.com on 6 Jul 2014 at 2:03

GoogleCodeExporter commented 9 years ago
The issue was (or is being?) addressed in branch "importLog" [1]. The wiki page 
of the project [2] contains some information on the implementation status.

[1] 
https://code.google.com/p/zaproxy/source/browse/#svn%2Fbranches%2FimportLog%2Fim
portLog
[2] 
https://code.google.com/p/zaproxy/wiki/MozillaMentorship_ImportingModSecurityLog
s

Original comment by THC...@gmail.com on 6 Jul 2014 at 9:27

GoogleCodeExporter commented 9 years ago
Is anyone still in-touch with JosephPKirwin? Neither artifact seem to have been 
updated in about year.

Original comment by kingtho...@gmail.com on 21 Jul 2014 at 1:22

GoogleCodeExporter commented 9 years ago
I've pinged him...

Original comment by psii...@gmail.com on 21 Jul 2014 at 8:43

GoogleCodeExporter commented 9 years ago
This feature would be a great supplement for augmenting the SITE tree data that 
is populated by the Spider.  This is a similar concept to what is presented 
here - 
http://www.denimgroup.com/blog/denim_group/2014/03/application-scanners-surface.
html.  This uses a ZAP Plugin to pull in new Endpoint intel from ThredFix and 
add it to the SITE tree.  This could be similar functionality where there is a 
ZAP UI for importing the ModSecurity audit log data.

Hope this moves forward.

Original comment by RCBarn...@gmail.com on 24 Jul 2014 at 2:06

GoogleCodeExporter commented 9 years ago
https://code.google.com/p/zap-extensions/source/detail?r=1505

Original comment by THC...@gmail.com on 1 Sep 2014 at 10:08

GoogleCodeExporter commented 9 years ago
r5319

Original comment by THC...@gmail.com on 1 Sep 2014 at 10:31

GoogleCodeExporter commented 9 years ago
https://code.google.com/p/zap-extensions/source/detail?r=1584

Original comment by THC...@gmail.com on 1 Oct 2014 at 7:48

GoogleCodeExporter commented 9 years ago
Fixed with the first release of add-on "Log File Importer" (r5382).

Original comment by THC...@gmail.com on 1 Oct 2014 at 8:43