web apps vulnerability auto-scan

import time
from zapv2 import ZAPv2

class WebVulnerabilityScanner:
    def __init__(self, target_url, zap_host='localhost', zap_port=8080):
        """
        Initialize the vulnerability scanner with ZAP proxy settings

        :param target_url: Full URL of the web application to scan
        :param zap_host: ZAP proxy host (default: localhost)
        :param zap_port: ZAP proxy port (default: 8080)
        """
        self.target_url = target_url
        self.zap = ZAPv2(proxies={'http': f'http://{zap_host}:{zap_port}',
                                  'https': f'http://{zap_host}:{zap_port}'})

    def configure_scan_settings(self):
        """
        Configure initial ZAP scan settings
        """
        # Disable popup warnings
        self.zap.core.set_option_warn_on_new_alerts(False)

        # Set scan timeout
        self.zap.core.set_option_scan_timeout(60)

        # Configure alert filters if needed
        # self.zap.core.add_alert_filter()

    def start_spider_scan(self):
        """
        Perform spider (crawling) scan to discover web application structure

        :return: Scan ID for tracking progress
        """
        print(f"Starting spider scan on {self.target_url}")
        scan_id = self.zap.spider.scan(self.target_url)

        # Wait for spider scan to complete
        while int(self.zap.spider.status(scan_id)) < 100:
            print(f"Spider scan progress: {self.zap.spider.status(scan_id)}%")
            time.sleep(2)

        print("Spider scan completed")
        return scan_id

    def start_active_scan(self):
        """
        Perform active vulnerability scanning

        :return: Scan ID for tracking progress
        """
        print(f"Starting active scan on {self.target_url}")
        scan_id = self.zap.ascan.scan(self.target_url)

        # Wait for active scan to complete
        while int(self.zap.ascan.status(scan_id)) < 100:
            print(f"Active scan progress: {self.zap.ascan.status(scan_id)}%")
            time.sleep(5)

        print("Active scan completed")
        return scan_id

    def generate_report(self, output_file='zap_vulnerability_report.html'):
        """
        Generate HTML report of discovered vulnerabilities

        :param output_file: Path to save the report
        """
        print(f"Generating vulnerability report: {output_file}")
        alerts = self.zap.core.alerts(baseurl=self.target_url)

        with open(output_file, 'w') as report:
            report.write("<html><body>")
            report.write("<h1>Web Vulnerability Scan Report</h1>")

            report.write("<table border='1'>")
            report.write("<tr><th>URL</th><th>Risk</th><th>Alert</th><th>Description</th></tr>")

            for alert in alerts:
                report.write(f"""
                <tr>
                    <td>{alert['url']}</td>
                    <td>{alert['risk']}</td>
                    <td>{alert['name']}</td>
                    <td>{alert['description']}</td>
                </tr>
                """)

            report.write("</table></body></html>")

        print(f"Report saved to {output_file}")

    def run_comprehensive_scan(self):
        """
        Execute a comprehensive web application vulnerability scan
        """
        try:
            # Ensure ZAP is connected and configured
            self.configure_scan_settings()

            # Perform spider scan to discover site structure
            self.start_spider_scan()

            # Perform active vulnerability scanning
            self.start_active_scan()

            # Generate vulnerability report
            self.generate_report()

        except Exception as e:
            print(f"An error occurred during scanning: {e}")

def main():
    # Example usage
    target_url = 'https://example.com'  # Replace with your target web application URL
    scanner = WebVulnerabilityScanner(target_url)
    scanner.run_comprehensive_scan()

if __name__ == '__main__':
    main()