OWASP ZAP - 2.4.3 Global Exclude URL (Regex Help Needed)


NCoder

Dec 9, 2015, 11:50:50 PM
to OWASP ZAP User Group

Hi,

I'm facing issues with the Global Exclude URL. I know it's in the beta phase, but still didn't find the basic functionality to work; not sure if it's because of my regex pattern.

OWASP ZAP - 2.4.3
Global Exclude URL Add-On

1. I want to exclude URLs other than two URLs to be proxied and scanned, hence I used the below regex pattern in the URL and it didn't work:

^((?!(https://abc.com|https://def.com)).)*$


I have tried all possible combinations and it didn't work. Is there an issue with the add-on or my regex pattern? Please help.

Ailton Caetano

Dec 10, 2015, 8:12:41 AM
to zaproxy-users
NCoder,

  see if this gets you the desired result:

^https?://(?!(abc.com|def.com)).*


Regards,

Ailton Caetano


kingthorin+owaspzap

Dec 10, 2015, 8:39:23 AM
to OWASP ZAP User Group
The original one works if you escape the slashes and periods, do you really want negative look ahead though?

https://regex101.com/r/aB5kJ6/1

^((?!(https:\/\/abc\.com|https:\/\/def\.com)).)*$

Assuming you DO want to match https://abc.com or https://def.com I think the following is more what you're after:

https://regex101.com/r/aB5kJ6/2

^(https:\/\/abc\.com|https:\/\/def\.com).*$






NCoder

Dec 10, 2015, 2:57:27 PM
to OWASP ZAP User Group
Hi Ailton,

I tried the below, but no luck :( 

NCoder

Dec 10, 2015, 2:59:20 PM
to OWASP ZAP User Group
The purpose is that, 
ZAP records every URL that it proxies, which is fine, but the alerts are flagged for all the URLs.
When I generate a report I will need something that is specific to my context; I'm guessing there are no options in the reports to do so.
Hence I want to filter out URLs prior to scan.

These ones don't seem to work though :(

NCoder

Dec 10, 2015, 3:03:42 PM
to OWASP ZAP User Group
I meant generating a context report through proxy 

thc...@gmail.com

Dec 10, 2015, 4:54:42 PM
to zaprox...@googlegroups.com
Hi.

There's a typo in the regex that you provided:
.)*$

The quantifier * is not in the "any char".

With the typo fixed it works for me:
^((?!(https://abc.com|https://def.com)).*)$


Best regards.
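
Added example, not part of any poster's message: the three patterns posted so far, run against constructed URLs to show which ones each pattern fails to exclude. It assumes ZAP matches the exclude regex against the whole URL, uses Python's `re` (which treats these lookaheads and anchors the same way as Java's regex engine), and adds a hypothetical `strict` variant that is not from the thread.

```python
import re

# Constructed sample URLs; abc.com and def.com are the thread's placeholder
# in-scope hosts, every other host here is made up for the comparison.
SAMPLES = [
    "https://abc.com/login",
    "https://def.com/",
    "http://abc.com/login",
    "https://abc.com.example.net/",
    "https://abcXcom/",
    "https://other.example/?next=https://abc.com",
    "https://other.example/",
]

PATTERNS = {
    # As posted in the thread.
    "original": r"^((?!(https://abc.com|https://def.com)).)*$",
    "ailton": r"^https?://(?!(abc.com|def.com)).*",
    "thc": r"^((?!(https://abc.com|https://def.com)).*)$",
    # Hypothetical stricter variant (not from the thread): dots escaped and the
    # host must be followed by an optional port, then "/" or end of URL.
    "strict": r"^(?!https://(abc\.com|def\.com)(:\d+)?(/|$)).*$",
}


def excluded(pattern, url):
    """True if the exclude regex matches the whole URL (assumed ZAP behaviour)."""
    return re.fullmatch(pattern, url) is not None


def kept_in_scope(pattern):
    """Sample URLs the pattern fails to exclude, i.e. still proxied and scanned."""
    return [url for url in SAMPLES if not excluded(pattern, url)]


if __name__ == "__main__":
    for name, pattern in PATTERNS.items():
        print(f"{name:9s} keeps: {kept_in_scope(pattern)}")
```

All three posted patterns leave the look-alike hosts `https://abc.com.example.net/` and `https://abcXcom/` unexcluded, because the dots are unescaped and nothing requires the host name to end after `abc.com`.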


Praveen Kanniah

Dec 10, 2015, 5:22:36 PM
to zaprox...@googlegroups.com
Hi,

Thanks! I tried this too, but no luck!

Tools --> Options --> Global Exclude URL (Beta) --> Add

and provided the regex:

I still find the URLs popping up in Sites, History and Alerts as well. Is there any alternative way to provide the Global Excludes?


thc...@gmail.com

Dec 10, 2015, 5:38:38 PM
to zaprox...@googlegroups.com
Could you try with the following regex?
.*

that should exclude everything.
Just want to check that the basics are working.

You could manually add the regexes to "Exclude From ..." panels in
"Session Properties" dialogue but that should have the same effect
(unless there's a bug in the "Global Exclude URL"?).

Best regards.

NCoder

Dec 10, 2015, 5:50:27 PM
to OWASP ZAP User Group
OK. I tried it now. No luck again. I still get all the URLs in the proxy, History and Alerts.
So is this a bug with Global Exclude URL?

The only issue with setting it in Session Properties is that as and when the URLs are proxied, Passive Scan alerts are flagged.
When I generate an HTML report using API calls, I get Alerts of all websites, which I don't need.

thc...@gmail.com

Dec 10, 2015, 6:15:39 PM
to zaprox...@googlegroups.com
Might well be, that regex should exclude everything...

Do you have other regexes enabled or just that one?


Adding to "Exclude From Proxy" panel should prevent the URLs from being
passive scanned too.

Best regards.

Praveen Kanniah

Dec 10, 2015, 6:57:58 PM
to zaprox...@googlegroups.com
Thanks much, the Exclude from Proxy seems to be a better option from the API. I'll use that and it worked too!





thc...@gmail.com

Dec 14, 2015, 4:37:53 AM
to zaprox...@googlegroups.com
OK, glad it's working.

Still odd that the global excludes didn't work (most likely a bug).

Best regards.