GitHub Repository: 1N3/Sn1per
Path: blob/master/templates/passive/web/recursive/OWASP_Zap_Scan_-_HTTPS.sh
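# Sn1per passive web template: condense an OWASP ZAP HTTPS report for one
# target into a short, priority-tagged findings list.
#
# Reads:   LOOT_DIR, TARGET (not defined in this file; expected from the caller)
# Sets:    AUTHOR, VULN_NAME, FILENAME, OUTPUT_NAME
# Writes:  $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt with lines
#          "<priority>, <alert name>, http://<target>, <description>",
#          then prints that file to stdout.
#
# NOTE(review): there is no shebang and no `exit`, so this is presumably sourced
# by the scanner rather than executed - confirm. For that reason no shell
# options or traps are changed here and helper variables are unset at the end.
AUTHOR='@xer0dayz'
VULN_NAME='OWASP Zap Scan - HTTPS'
FILENAME="$LOOT_DIR/web/zap-report-${TARGET}-https.html"
OUTPUT_NAME=$(printf '%s\n' "$VULN_NAME" | sed -E 's/[^[:alnum:]]+/_/g')

zap_out="$LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt"

# Drop the result of any earlier run so a failed parse cannot leave stale findings.
rm -f -- "$zap_out" 2> /dev/null

# Intermediate files live in a private mktemp directory. Fixed names directly
# under the world-writable /tmp can be pre-created or symlinked by another local
# user and can collide between concurrent scans.
if zap_tmp=$(mktemp -d 2> /dev/null); then
  # Keep only the tags of interest from the 20 lines following each <name>.
  # <uri> lines are retained here but not consumed by any later step.
  grep -A20 -F '<name>' -- "$FILENAME" 2> /dev/null \
    | grep -E '<name>|<riskdesc>|<uri>|<desc>' > "$zap_tmp/raw_out.txt" 2> /dev/null

  # One value per line: the text between the opening tag and the next '<'.
  grep -F '<name>' "$zap_tmp/raw_out.txt" 2> /dev/null \
    | cut -d'<' -f2 | cut -d'>' -f2 > "$zap_tmp/vulns.txt" 2> /dev/null
  grep -F '<riskdesc>' "$zap_tmp/raw_out.txt" 2> /dev/null \
    | cut -d'<' -f2 | cut -d'>' -f2 > "$zap_tmp/risk.txt" 2> /dev/null
  # Descriptions: third ';'-separated field of the <desc> line.
  grep -F '<desc>' "$zap_tmp/raw_out.txt" 2> /dev/null \
    | cut -d';' -f3 > "$zap_tmp/desc.txt" 2> /dev/null

  # Join line N of risk/vulns/desc into "risk,name,desc". A single awk pass
  # replaces one awk|sed pipeline per row.
  # NOTE(review): the row set 1-40 and 50-60 is kept exactly as before, so
  # findings 41-49 and anything past 60 are dropped from the report. The gap
  # looks like a copy/paste slip - confirm whether a contiguous range was meant.
  awk '
    FNR <= 40 || (FNR >= 50 && FNR <= 60) {
      if (FNR in row) row[FNR] = row[FNR] "," $0
      else row[FNR] = $0
    }
    END {
      for (n = 1; n <= 60; n++)
        if (n in row) print row[n]
    }
  ' "$zap_tmp/risk.txt" "$zap_tmp/vulns.txt" "$zap_tmp/desc.txt" \
    > "$zap_tmp/report.csv" 2> /dev/null

  # Emit findings grouped by severity, highest first. Rows are selected by the
  # leading risk word; nothing is printed when TARGET is empty.
  # A description containing a comma is truncated at it, because the fields
  # are comma-separated and only $3 is printed.
  # NOTE(review): the URL scheme is "http://" although this template parses the
  # HTTPS report - confirm what consumers of this file expect before changing.
  for zap_sev in 'High:P2 - HIGH' 'Medium:P3 - MEDIUM' 'Low:P4 - LOW' 'Informational:P5 - INFO'; do
    awk -F',' -v target="$TARGET" -v risk="${zap_sev%%:*}" -v label="${zap_sev#*:}" '
      target != "" && index($0, risk) == 1 {
        print label ", " $2 ", http://" target ", " $3
      }
    ' "$zap_tmp/report.csv"
  done > "$zap_tmp/report_final.csv" 2> /dev/null

  mv -f -- "$zap_tmp/report_final.csv" "$zap_out" 2> /dev/null

  # Removes every intermediate file, including raw_out.txt.
  rm -rf -- "$zap_tmp" 2> /dev/null
fi

cat -- "$zap_out" 2> /dev/null

unset zap_out zap_tmp zap_sev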