ZAP alerts and associated CWE ID
729 views
Skip to first unread message
Vinda Parab
Dec 3, 2021, 1:46:04 AM12/3/21
to OWASP ZAP User Group
Hello Team,
Is there a quick way to get the list of all the ZAP Alerts with associated CWE Ids?
Regards,
Vinda
kingthorin+owaspzap
Dec 3, 2021, 9:51:46 AM12/3/21
to OWASP ZAP User Group
Not currently.
You could install all the scan rules then run this: https://github.com/zaproxy/community-scripts/blob/main/standalone/scan_rule_list.js (though it'll require some modifications to include the CWEs).
kingthorin+owaspzap
Dec 3, 2021, 10:49:26 AM12/3/21
to OWASP ZAP User Group
// This script gives details about all of the scan rules installed
extAscan = org.parosproxy.paros.control.Control.getSingleton().
getExtensionLoader().getExtension(
org.zaproxy.zap.extension.ascan.ExtensionActiveScan.NAME);
plugins = extAscan.getPolicyManager().getDefaultScanPolicy().getPluginFactory().getAllPlugin().toArray();
print('Plugin ID\tName\tType\tStatus\tCWE');
for (var i=0; i < plugins.length; i++) {
try {
var cwe = '';
try {
cwe = plugins[i].getCweId()
} catch (e) {
cwe = "";
}
print(plugins[i].getId()+ '\t' + plugins[i].getName() + '\tActive' + '\t' + plugins[i].getStatus() + '\t' + cwe);
} catch (e) {
print(e);
}
}
extPscan = org.parosproxy.paros.control.Control.getSingleton().
getExtensionLoader().getExtension(
org.zaproxy.zap.extension.pscan.ExtensionPassiveScan.NAME);
plugins = extPscan.getPluginPassiveScanners().toArray();
for (var i=0; i < plugins.length; i++) {
try {
var cwe = '';
try {
cwe = plugins[i].getCweId()
} catch (e) {
cwe = "";
}
print(plugins[i].getPluginId()+ '\t' + plugins[i].getName() + '\tPassive' + '\t' + plugins[i].getStatus() + '\t' + cwe);
} catch (e) {
print(e);
}
}
extAscan = org.parosproxy.paros.control.Control.getSingleton().
getExtensionLoader().getExtension(
org.zaproxy.zap.extension.ascan.ExtensionActiveScan.NAME);
plugins = extAscan.getPolicyManager().getDefaultScanPolicy().getPluginFactory().getAllPlugin().toArray();
print('Plugin ID\tName\tType\tStatus\tCWE');
for (var i=0; i < plugins.length; i++) {
try {
var cwe = '';
try {
cwe = plugins[i].getCweId()
} catch (e) {
cwe = "";
}
print(plugins[i].getId()+ '\t' + plugins[i].getName() + '\tActive' + '\t' + plugins[i].getStatus() + '\t' + cwe);
} catch (e) {
print(e);
}
}
extPscan = org.parosproxy.paros.control.Control.getSingleton().
getExtensionLoader().getExtension(
org.zaproxy.zap.extension.pscan.ExtensionPassiveScan.NAME);
plugins = extPscan.getPluginPassiveScanners().toArray();
for (var i=0; i < plugins.length; i++) {
try {
var cwe = '';
try {
cwe = plugins[i].getCweId()
} catch (e) {
cwe = "";
}
print(plugins[i].getPluginId()+ '\t' + plugins[i].getName() + '\tPassive' + '\t' + plugins[i].getStatus() + '\t' + cwe);
} catch (e) {
print(e);
}
}
Plugin ID Name Type Status CWE
6 Path Traversal Active release 22
7 Remote File Inclusion Active release 98
10045 Source Code Disclosure - /WEB-INF folder Active release 541
20019 External Redirect Active release 601
40009 Server Side Include Active release 97
40012 Cross Site Scripting (Reflected) Active release 79
40014 Cross Site Scripting (Persistent) Active release 79
40018 SQL Injection Active release 89
90019 Server Side Code Injection Active release 94
90020 Remote OS Command Injection Active release 78
0 Directory Browsing Active release 548
30001 Buffer Overflow Active release 120
30002 Format String Error Active release 134
40003 CRLF Injection Active release 113
40008 Parameter Tampering Active release 472
40028 ELMAH Information Leak Active release 94
40032 .htaccess Information Leak Active release 94
40016 Cross Site Scripting (Persistent) - Prime Active release 79
40017 Cross Site Scripting (Persistent) - Spider Active release 79
50000 Script Active Scan Rules Active release 0
41 Source Code Disclosure - Git Active beta 541
43 Source Code Disclosure - File Inclusion Active beta 541
10048 Remote Code Execution - Shell Shock Active beta 78
10107 Httpoxy - Proxy Header Misuse Active beta 20
20012 Anti-CSRF Tokens Check Active beta 352
20015 Heartbleed OpenSSL Vulnerability Active beta 119
20016 Cross-Domain Misconfiguration Active beta 264
20017 Source Code Disclosure - CVE-2012-1823 Active beta 20
20018 Remote Code Execution - CVE-2012-1823 Active beta 20
40013 Session Fixation Active beta 384
40019 SQL Injection - MySQL Active beta 89
40020 SQL Injection - Hypersonic SQL Active beta 89
40021 SQL Injection - Oracle Active beta 89
40022 SQL Injection - PostgreSQL Active beta 89
40024 SQL Injection - SQLite Active beta 89
40026 Cross Site Scripting (DOM Based) Active beta 79
40027 SQL Injection - MsSQL Active beta 89
90021 XPath Injection Active beta 643
90023 XML External Entity Attack Active beta 611
90024 Generic Padding Oracle Active beta 209
90025 Expression Language Injection Active beta 917
90034 Cloud Metadata Potentially Exposed Active beta 0
42 Source Code Disclosure - SVN Active beta 541
10051 Relative Path Confusion Active beta 20
10095 Backup File Disclosure Active beta 530
10106 HTTP Only Site Active beta 311
30003 Integer Overflow Error Active beta 190
40025 Proxy Disclosure Active beta 200
40029 Trace.axd Information Leak Active beta 215
40034 .env Information Leak Active beta 215
40035 Hidden File Finder Active beta 538
90017 XSLT Injection Active beta 91
90028 Insecure HTTP Method Active beta 200
10047 HTTPS Content Available via HTTP Active beta 311
10058 GET for POST Active beta 16
10104 User Agent Fuzzer Active beta 0
20014 HTTP Parameter Pollution Active beta 20
40023 Possible Username Enumeration Active beta 200
90027 Cookie Slack Detector Active beta 200
40015 LDAP Injection Active alpha 90
40033 NoSQL Injection - MongoDB Active alpha 943
60100 Example Active Scan Rule: Denial of Service Active alpha 0
60101 An example active scan rule which loads data from a file Active alpha 0
40038 Bypassing 403 Active alpha 0
40039 Web Cache Deception Active alpha 0
40040 CORS Header Active alpha 942
40042 Spring Actuator Information Leak Active alpha 215
50001 Script Passive Scan Rules Passive release
50003 Stats Passive Scan Rule Passive release
10103 Image Location and Privacy Scanner Passive beta
10003 Vulnerable JS Library Passive release
10044 Big Redirect Detected (Potential Sensitive Information Leak) Passive beta
10038 Content Security Policy (CSP) Header Not Set Passive beta
10033 Directory Browsing Passive beta
10097 Hash Disclosure Passive beta
10034 Heartbleed OpenSSL Vulnerability (Indicative) Passive beta
10041 HTTP to HTTPS Insecure Transition in Form Post Passive beta
10042 HTTPS to HTTP Insecure Transition in Form Post Passive beta
10108 Reverse Tabnabbing Passive beta
10109 Modern Web Application Passive beta
10062 PII Disclosure Passive beta
10050 Retrieved from Cache Passive beta
10036 HTTP Server Response Header Passive beta
10026 HTTP Parameter Override Passive beta
10035 Strict-Transport-Security Header Passive beta
10030 User Controllable Charset Passive beta
10029 Cookie Poisoning Passive beta
10031 User Controllable HTML Element Attribute (Potential XSS) Passive beta
10043 User Controllable JavaScript Event (XSS) Passive beta
10028 Open Redirect Passive beta
10039 X-Backend-Server Header Information Leak Passive beta
10052 X-ChromeLogger-Data (XCOLD) Header Information Leak Passive beta
90022 Application Error Disclosure Passive release 200
10015 Incomplete or No Cache-control Header Set Passive release 525
90011 Charset Mismatch Passive release 436
10055 CSP Passive release 693
10019 Content-Type Header Missing Passive release 345
10010 Cookie No HttpOnly Flag Passive release 1004
90033 Loosely Scoped Cookie Passive release 565
10054 Cookie without SameSite Attribute Passive release 1275
10011 Cookie Without Secure Flag Passive release 614
10098 Cross-Domain Misconfiguration Passive release 264
10017 Cross-Domain JavaScript Source File Inclusion Passive release 829
10202 Absence of Anti-CSRF Tokens Passive release 352
2 Private IP Disclosure Passive release 200
3 Session ID in URL Rewrite Passive release 200
10023 Information Disclosure - Debug Error Messages Passive release 200
10024 Information Disclosure - Sensitive Information in URL Passive release 200
10025 Information Disclosure - Sensitive Information in HTTP Referrer Header Passive release 200
10027 Information Disclosure - Suspicious Comments Passive release 200
10105 Weak Authentication Method Passive release 326
90001 Insecure JSF ViewState Passive release 642
10040 Secure Pages Include Mixed Content Passive release 311
10096 Timestamp Disclosure Passive release 200
10057 Username Hash Found Passive release 284
10032 Viewstate Passive release 642
10061 X-AspNet-Version Response Header Passive release 933
10021 X-Content-Type-Options Header Missing Passive release 693
10056 X-Debug-Token Information Leak Passive release 200
10020 X-Frame-Options Header Passive release 1021
10037 Server Leaks Information via "X-Powered-By" HTTP Response Header Field(s) Passive release 200
10094 Base64 Disclosure Passive alpha
10049 Content Cacheability Passive alpha
60001 An example passive scan rule which loads data from a file. Passive alpha
60000 Example Passive Scan Rule: Denial of Service Passive alpha
10009 In Page Banner Information Leak Passive alpha
10110 Dangerous JS Functions Passive alpha
90002 Java Serialization Object Passive alpha
10063 Permissions Policy Header Not Set Passive alpha
90004 Insufficient Site Isolation Against Spectre Vulnerability Passive alpha
10099 Source Code Disclosure Passive alpha
90003 Sub Resource Integrity Attribute Missing Passive alpha
6 Path Traversal Active release 22
7 Remote File Inclusion Active release 98
10045 Source Code Disclosure - /WEB-INF folder Active release 541
20019 External Redirect Active release 601
40009 Server Side Include Active release 97
40012 Cross Site Scripting (Reflected) Active release 79
40014 Cross Site Scripting (Persistent) Active release 79
40018 SQL Injection Active release 89
90019 Server Side Code Injection Active release 94
90020 Remote OS Command Injection Active release 78
0 Directory Browsing Active release 548
30001 Buffer Overflow Active release 120
30002 Format String Error Active release 134
40003 CRLF Injection Active release 113
40008 Parameter Tampering Active release 472
40028 ELMAH Information Leak Active release 94
40032 .htaccess Information Leak Active release 94
40016 Cross Site Scripting (Persistent) - Prime Active release 79
40017 Cross Site Scripting (Persistent) - Spider Active release 79
50000 Script Active Scan Rules Active release 0
41 Source Code Disclosure - Git Active beta 541
43 Source Code Disclosure - File Inclusion Active beta 541
10048 Remote Code Execution - Shell Shock Active beta 78
10107 Httpoxy - Proxy Header Misuse Active beta 20
20012 Anti-CSRF Tokens Check Active beta 352
20015 Heartbleed OpenSSL Vulnerability Active beta 119
20016 Cross-Domain Misconfiguration Active beta 264
20017 Source Code Disclosure - CVE-2012-1823 Active beta 20
20018 Remote Code Execution - CVE-2012-1823 Active beta 20
40013 Session Fixation Active beta 384
40019 SQL Injection - MySQL Active beta 89
40020 SQL Injection - Hypersonic SQL Active beta 89
40021 SQL Injection - Oracle Active beta 89
40022 SQL Injection - PostgreSQL Active beta 89
40024 SQL Injection - SQLite Active beta 89
40026 Cross Site Scripting (DOM Based) Active beta 79
40027 SQL Injection - MsSQL Active beta 89
90021 XPath Injection Active beta 643
90023 XML External Entity Attack Active beta 611
90024 Generic Padding Oracle Active beta 209
90025 Expression Language Injection Active beta 917
90034 Cloud Metadata Potentially Exposed Active beta 0
42 Source Code Disclosure - SVN Active beta 541
10051 Relative Path Confusion Active beta 20
10095 Backup File Disclosure Active beta 530
10106 HTTP Only Site Active beta 311
30003 Integer Overflow Error Active beta 190
40025 Proxy Disclosure Active beta 200
40029 Trace.axd Information Leak Active beta 215
40034 .env Information Leak Active beta 215
40035 Hidden File Finder Active beta 538
90017 XSLT Injection Active beta 91
90028 Insecure HTTP Method Active beta 200
10047 HTTPS Content Available via HTTP Active beta 311
10058 GET for POST Active beta 16
10104 User Agent Fuzzer Active beta 0
20014 HTTP Parameter Pollution Active beta 20
40023 Possible Username Enumeration Active beta 200
90027 Cookie Slack Detector Active beta 200
40015 LDAP Injection Active alpha 90
40033 NoSQL Injection - MongoDB Active alpha 943
60100 Example Active Scan Rule: Denial of Service Active alpha 0
60101 An example active scan rule which loads data from a file Active alpha 0
40038 Bypassing 403 Active alpha 0
40039 Web Cache Deception Active alpha 0
40040 CORS Header Active alpha 942
40042 Spring Actuator Information Leak Active alpha 215
50001 Script Passive Scan Rules Passive release
50003 Stats Passive Scan Rule Passive release
10103 Image Location and Privacy Scanner Passive beta
10003 Vulnerable JS Library Passive release
10044 Big Redirect Detected (Potential Sensitive Information Leak) Passive beta
10038 Content Security Policy (CSP) Header Not Set Passive beta
10033 Directory Browsing Passive beta
10097 Hash Disclosure Passive beta
10034 Heartbleed OpenSSL Vulnerability (Indicative) Passive beta
10041 HTTP to HTTPS Insecure Transition in Form Post Passive beta
10042 HTTPS to HTTP Insecure Transition in Form Post Passive beta
10108 Reverse Tabnabbing Passive beta
10109 Modern Web Application Passive beta
10062 PII Disclosure Passive beta
10050 Retrieved from Cache Passive beta
10036 HTTP Server Response Header Passive beta
10026 HTTP Parameter Override Passive beta
10035 Strict-Transport-Security Header Passive beta
10030 User Controllable Charset Passive beta
10029 Cookie Poisoning Passive beta
10031 User Controllable HTML Element Attribute (Potential XSS) Passive beta
10043 User Controllable JavaScript Event (XSS) Passive beta
10028 Open Redirect Passive beta
10039 X-Backend-Server Header Information Leak Passive beta
10052 X-ChromeLogger-Data (XCOLD) Header Information Leak Passive beta
90022 Application Error Disclosure Passive release 200
10015 Incomplete or No Cache-control Header Set Passive release 525
90011 Charset Mismatch Passive release 436
10055 CSP Passive release 693
10019 Content-Type Header Missing Passive release 345
10010 Cookie No HttpOnly Flag Passive release 1004
90033 Loosely Scoped Cookie Passive release 565
10054 Cookie without SameSite Attribute Passive release 1275
10011 Cookie Without Secure Flag Passive release 614
10098 Cross-Domain Misconfiguration Passive release 264
10017 Cross-Domain JavaScript Source File Inclusion Passive release 829
10202 Absence of Anti-CSRF Tokens Passive release 352
2 Private IP Disclosure Passive release 200
3 Session ID in URL Rewrite Passive release 200
10023 Information Disclosure - Debug Error Messages Passive release 200
10024 Information Disclosure - Sensitive Information in URL Passive release 200
10025 Information Disclosure - Sensitive Information in HTTP Referrer Header Passive release 200
10027 Information Disclosure - Suspicious Comments Passive release 200
10105 Weak Authentication Method Passive release 326
90001 Insecure JSF ViewState Passive release 642
10040 Secure Pages Include Mixed Content Passive release 311
10096 Timestamp Disclosure Passive release 200
10057 Username Hash Found Passive release 284
10032 Viewstate Passive release 642
10061 X-AspNet-Version Response Header Passive release 933
10021 X-Content-Type-Options Header Missing Passive release 693
10056 X-Debug-Token Information Leak Passive release 200
10020 X-Frame-Options Header Passive release 1021
10037 Server Leaks Information via "X-Powered-By" HTTP Response Header Field(s) Passive release 200
10094 Base64 Disclosure Passive alpha
10049 Content Cacheability Passive alpha
60001 An example passive scan rule which loads data from a file. Passive alpha
60000 Example Passive Scan Rule: Denial of Service Passive alpha
10009 In Page Banner Information Leak Passive alpha
10110 Dangerous JS Functions Passive alpha
90002 Java Serialization Object Passive alpha
10063 Permissions Policy Header Not Set Passive alpha
90004 Insufficient Site Isolation Against Spectre Vulnerability Passive alpha
10099 Source Code Disclosure Passive alpha
90003 Sub Resource Integrity Attribute Missing Passive alpha
kingthorin+owaspzap
Dec 3, 2021, 10:50:19 AM12/3/21
to OWASP ZAP User Group
The script code isn't perfect but it should give you what you need.
Reply all
Reply to author
Forward
0 new messages