stackhawk.yml
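# StackHawk scan settings for the application under test.
# Nesting is restored here: with every key at column 0, `name`, `path` and
# `type` repeat at the top level and the mapping no longer has the intended shape.
app:
  # Read from the JS_APP_ID environment variable; the value after the colon
  # is the fallback used when the variable is unset.
  applicationId: ${JS_APP_ID:2bc22eb3-7a8d-4e0a-b2e2-2c3a5430ba4b}
  env: Cypress
  # Scan target. authentication.script.parameters.authEndpoint below repeats
  # this origin, so the two must be changed together.
  host: http://localhost:3000
  autoInputVectors: true
  autoPolicy: true
  # Cookie/token names the scanner should treat as session state.
  sessionTokens:
    - JSESSIONID
    - language
    - continueCode
    - welcomebanner_status
    - cookieconsent_status
    - token
  openApiConf:
    filePath: swagger.yml
  # Regular expressions for paths left out of the scan.
  excludePaths:
    # - ".*socket\\.io.*"
    # Static assets.
    - ".*\\.png"
    - ".*\\.jpeg"
    - ".*\\.jpg"
    - ".*\\.woff"
    - ".*\\.woff2"
    - ".*\\.ttf"
    - ".*\\.ico"
    # NOTE(review): presumably excluded so the scan cannot change the scan
    # account's password or 2FA state mid-run and lock itself out (confirm).
    # These endpoints then get no automated coverage from this scan.
    - "/rest/user/reset-password"
    - "/rest/user/change-password.*"
    - "/rest/2fa/setup"
  authentication:
    # Login is performed by a custom script registered under hawkAddOn.scripts.
    script:
      name: juice-shop-auth.kts
      parameters:
        authEndpoint: 'http://localhost:3000/rest/user/login'
      # Credentials are committed in clear text. That is tolerable only for a
      # throwaway account on a disposable test instance; the ${VAR:default}
      # form used for applicationId could likely supply them from CI instead.
      credentials:
        # NOTE(review): this value looks like an e-mail placeholder left by page
        # rendering, not a real address; set the scan account's e-mail here.
        username: '[email protected]'
        password: testtest
    sessionScript:
      name: juice-shop-session.kts
    # Authentication is verified by requesting this path and matching the
    # response body against `success`.
    testPath:
      type: BODY
      path: /rest/user/whoami
      # NOTE(review): matches any body that contains "email"; a pattern tied to
      # the scan account would also catch a session that belongs to another user.
      success: ".*email.*"
    # ".*" matches any text and "^$" matches only empty text, so these two
    # indicators add little; the testPath check above carries the verification.
    loggedInIndicator: ".*"
    loggedOutIndicator: "^$"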
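# Scanner behaviour. Nesting is restored so that `custom` and its settings
# sit under `spider` instead of at the top level.
hawk:
  spider:
    ajax: true
    base: true
    # Route discovery is also driven by the project's Cypress suite, started
    # as an external command.
    custom:
      command: 'bash'
      arguments:
        - "-c"
        # `|| true` forces a zero exit status, so a failing or partially run
        # Cypress suite does not stop the scan. Reduced crawl coverage is then
        # visible only in the log output enabled below.
        - "npx cypress run --headless --quiet || true"
      logOutputToForeground: true
      environment:
        # NOTE(review): "<-loopback>" is a Chromium-style bypass rule that
        # removes the implicit exemption for loopback addresses, presumably so
        # Cypress requests to localhost pass through the scanner's proxy (confirm).
        NO_PROXY: "<-loopback>"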
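# Custom scripts loaded by the scanner. Nesting is restored so each script is
# one list item with its own name, path, type and language.
hawkAddOn:
  scripts:
    # The names must match app.authentication.script.name and
    # app.authentication.sessionScript.name respectively.
    # NOTE(review): these scripts handle the scan account's credentials and
    # session, so changes under hawkscripts/ deserve the same review as
    # application code.
    - name: juice-shop-auth.kts
      path: hawkscripts
      type: authentication
      language: KOTLIN
    - name: juice-shop-session.kts
      path: hawkscripts
      type: session
      language: KOTLIN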