From 184e3c8469c68e86d331765da879bb40b1ec7268 Mon Sep 17 00:00:00 2001
From: Simon Bennetts <psiinon@gmail.com>
Date: Tue, 16 Jan 2024 12:12:38 +0000
Subject: [PATCH] AF plan examples - updated baseline and added full scan

Signed-off-by: Simon Bennetts <psiinon@gmail.com>
---
 CHANGELOG.md                        |  4 ++
 other/af-plans/BaselineExample.yaml | 30 +++++--------
 other/af-plans/FullScanExample.yaml | 67 +++++++++++++++++++++++++++++
 3 files changed, 81 insertions(+), 20 deletions(-)
 create mode 100644 other/af-plans/FullScanExample.yaml

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 7a212ba7..1840e824 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,12 +4,16 @@ All notable changes to this add-on will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 
 ## [Unreleased]
+### Added
+- other/af-plans/FullScanExample.yaml
+
 ### Changed
 - Update minimum ZAP version to 2.14.0.
 - Remove checks for CFU initiator in HTTP Sender scripts and docs, no longer needed.
 - Rename AWS signing script.
 - Update descriptions/comments in scripts.
 - standalone/Open Fortune 500 websites in a browser.zst - Fix typo in `http://www,pbfenergy.com`
+- other/af-plans/BaselineExample.yaml to use envvar and only run AJAX Spider if modern.
 
 ## [17] - 2023-06-28
 ### Added
diff --git a/other/af-plans/BaselineExample.yaml b/other/af-plans/BaselineExample.yaml
index e037f120..3557738f 100644
--- a/other/af-plans/BaselineExample.yaml
+++ b/other/af-plans/BaselineExample.yaml
@@ -1,26 +1,15 @@
 ---
-# A simple plan that performs a baseline scan against example.com
-# It uses both of the spiders and just passive scanning.
+# A simple plan that performs a baseline scan against a URL in the ZAP_TARGET env var.
+# It uses the standard spider but only runs the AJAX spider is the app appears to be modern.
 # The 2 spider tests will fail as they do not find at least 100 URLs, 
 # but they do not fail the whole plan as they just report at INFO level.
 env:
   contexts:
   - name: "Example"
     urls:
-    - "https://www.example.com/"
+    - "${ZAP_TARGET}"
     includePaths: []
     excludePaths: []
-    authentication:
-      parameters: {}
-      verification:
-        method: "response"
-        pollFrequency: 60
-        pollUnits: "requests"
-    sessionManagement:
-      method: "cookie"
-      parameters: {}
-    technology:
-      exclude: []
   parameters:
     failOnError: true
     failOnWarning: false
@@ -44,10 +33,12 @@ jobs:
     value: 100
     type: "stats"
     name: "At least 100 URLs found"
+- parameters: {}
+  name: "passiveScan-wait-pre-ajax"
+  type: "passiveScan-wait"
 - parameters:
-    maxDuration: 60
-    maxCrawlDepth: 10
-    numberOfBrowsers: 1
+    maxDuration: 3
+    runOnlyIfModern: true
   name: "spiderAjax"
   type: "spiderAjax"
   tests:
@@ -59,12 +50,11 @@ jobs:
     type: "stats"
     name: "At least 100 URLs found"
 - parameters: {}
-  name: "passiveScan-wait"
+  name: "passiveScan-wait-pre-report"
   type: "passiveScan-wait"
 - parameters:
-    template: "risk-confidence-html"
+    template: "modern"
     reportTitle: "ZAP Scanning Report"
     reportDescription: ""
   name: "report"
   type: "report"
-
diff --git a/other/af-plans/FullScanExample.yaml b/other/af-plans/FullScanExample.yaml
new file mode 100644
index 00000000..ae1db5e5
--- /dev/null
+++ b/other/af-plans/FullScanExample.yaml
@@ -0,0 +1,67 @@
+---
+# A simple plan that performs a full scan against a URL in the ZAP_TARGET env var.
+# It uses the standard spider but only runs the AJAX spider is the app appears to be modern.
+# The 2 spider tests will fail as they do not find at least 100 URLs, 
+# but they do not fail the whole plan as they just report at INFO level.
+env:
+  contexts:
+  - name: "Example"
+    urls:
+    - "${ZAP_TARGET}"
+    includePaths: []
+    excludePaths: []
+  parameters:
+    failOnError: true
+    failOnWarning: false
+    progressToStdout: true
+  vars: {}
+jobs:
+- parameters:
+    scanOnlyInScope: true
+    enableTags: false
+  rules: []
+  name: "passiveScan-config"
+  type: "passiveScan-config"
+- parameters: {}
+  name: "spider"
+  type: "spider"
+  tests:
+  - onFail: "INFO"
+    statistic: "automation.spider.urls.added"
+    site: ""
+    operator: ">="
+    value: 100
+    type: "stats"
+    name: "At least 100 URLs found"
+- parameters: {}
+  name: "passiveScan-wait-pre-ajax"
+  type: "passiveScan-wait"
+- parameters:
+    maxDuration: 3
+    runOnlyIfModern: true
+  name: "spiderAjax"
+  type: "spiderAjax"
+  tests:
+  - onFail: "INFO"
+    statistic: "spiderAjax.urls.added"
+    site: ""
+    operator: ">="
+    value: 100
+    type: "stats"
+    name: "At least 100 URLs found"
+- parameters:
+  policyDefinition:
+    defaultStrength: "medium"
+    defaultThreshold: "medium"
+    rules: []
+  name: "activeScan"
+  type: "activeScan"
+- parameters: {}
+  name: "passiveScan-wait-pre-report"
+  type: "passiveScan-wait"
+- parameters:
+    template: "modern"
+    reportTitle: "ZAP Scanning Report"
+    reportDescription: ""
+  name: "report"
+  type: "report"