owtf.api.handlers package

Submodules

owtf.api.handlers.base module

owtf.api.handlers.base

class owtf.api.handlers.base.APIRequestHandler(application, request, **kwargs)[source]

Bases: tornado.web.RequestHandler

error(message, data=None, code=None)[source]

An error occurred in processing the request, i.e. an exception was thrown.

Parameters:
  • data (A JSON-serializable object) – A generic container for any other information about the error, i.e. the conditions that caused the error, stack traces, etc.
  • message (A JSON-serializable object) – A meaningful, end-user-readable (or at the least log-worthy) message, explaining what went wrong
  • code (int) – A numeric code corresponding to the error, if applicable
fail(data)[source]

There was a problem with the data submitted, or some pre-condition of the API call wasn’t satisfied.

Parameters:data (A JSON-serializable object) – Provides the wrapper for the details of why the request failed. If the reasons for failure correspond to POST values, the response object’s keys SHOULD correspond to those POST values.
initialize()[source]
  • Set Content-type for JSON
success(data)[source]

When an API call is successful, the JSend object is used as a simple envelope for the results, using the data key.

Parameters:data (A JSON-serializable object) – Acts as the wrapper for any data returned by the API call. If the call returns no data, data should be set to null.
write(chunk)[source]
write_error(status_code, **kwargs)[source]

Override of RequestHandler.write_error Calls error() or fail() from JSendMixin depending on which exception was raised with provided reason and status code. :type status_code: int :param status_code: HTTP status code

class owtf.api.handlers.base.FileRedirectHandler(application, request, **kwargs)[source]

Bases: tornado.web.RequestHandler

SUPPORTED_METHODS = ['GET']
get(file_url)[source]
class owtf.api.handlers.base.UIRequestHandler(application, request, **kwargs)[source]

Bases: tornado.web.RequestHandler

reverse_url(name, *args)[source]

owtf.api.handlers.config module

owtf.api.handlers.config

class owtf.api.handlers.config.ConfigurationHandler(application, request, **kwargs)[source]

Bases: owtf.api.handlers.base.APIRequestHandler

Update framework settings and tool paths.

SUPPORTED_METHODS = ['GET', 'PATCH']
get()[source]

Return all configuration items.

Example request:

GET /api/v1/configuration HTTP/1.1
Accept: application/json

Example response:

HTTP/1.1 200 OK
Content-Type: application/json


{
    "status": "success",
    "data": [
        {
            "dirty": false,
            "key": "ATTACHMENT_NAME",
            "descrip": "Filename for the attachment to be sent",
            "section": "AUX_PLUGIN_DATA",
            "value": "report"
        },
        {
            "dirty": false,
            "key": "BRUTEFORCER",
            "descrip": "",
            "section": "DICTIONARIES",
            "value": "hydra"
        },
    ]
}
patch()[source]

Update configuration item

Example request:

PATCH /api/v1/configuration/ HTTP/1.1
Accept: */*
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest

Example response:

HTTP/1.1 200 OK
Content-Type: application/json


{
    "status": "success",
    "data": {}
}

owtf.api.handlers.health module

owtf.api.handlers.health

class owtf.api.handlers.health.HealthCheckHandler(application, request, **kwargs)[source]

Bases: owtf.api.handlers.base.APIRequestHandler

API server health check

SUPPORTED_METHODS = ['GET']
get()[source]

A debug endpoint to check whether the application is alive.

Example request:

GET /debug/health HTTP/1.1
Accept: application/json

Example response:

HTTP/1.1 200 OK
Content-Type: application/json

{
    "status": "success",
    "data": {
        "status": "ok"
    }
}

owtf.api.handlers.index module

owtf.api.handlers.index

class owtf.api.handlers.index.IndexHandler(application, request, **kwargs)[source]

Bases: owtf.api.handlers.base.UIRequestHandler

Serves the main webapp

SUPPORTED_METHODS = ['GET']
get(path)[source]

Render the homepage with all JavaScript and context.

Example request:

GET / HTTP/1.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8

Example response:

HTTP/1.1 200 OK
Content-Encoding: gzip
Vary: Accept-Encoding
Server: TornadoServer/5.0.1
Content-Type: text/html; charset=UTF-8

owtf.api.handlers.misc module

owtf.api.handlers.plugin module

owtf.api.handlers.report module

owtf.api.handlers.session module

owtf.api.handlers.session

class owtf.api.handlers.session.OWTFSessionHandler(application, request, **kwargs)[source]

Bases: owtf.api.handlers.base.APIRequestHandler

Handles OWTF sessions.

SUPPORTED_METHODS = ['GET', 'POST', 'PUT', 'PATCH', 'DELETE']
delete(session_id=None, action=None)[source]

Delete a session.

Example request:

DELETE /api/v1/sessions/2 HTTP/1.1
X-Requested-With: XMLHttpRequest

Example response:

HTTP/1.1 200 OK
Content-Type: application/json

{
    "status": "success",
    "data": {}
}
get(session_id=None, action=None)[source]

Get all registered sessions.

Example request:

GET /api/v1/sessions/ HTTP/1.1
Accept: application/json, text/javascript, */*; q=0.01
X-Requested-With: XMLHttpRequest

Example response:

HTTP/1.1 200 OK
Content-Type: application/json

{
    "status": "success",
    "data": [
        {
            "active": true,
            "name": "default session",
            "id": 1
        }
    ]
}
patch(session_id=None, action=None)[source]

Change session.

Example request:

PATCH /api/v1/sessions/1/activate HTTP/1.1
X-Requested-With: XMLHttpRequest

Example response:

HTTP/1.1 200 OK
Content-Type: application/json

{
    "status": "success",
    "data": {}
}
post(session_id=None, action=None)[source]

Create a new session.

Example request:

POST /api/v1/sessions/ HTTP/1.1
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest


name=google-vrp

Example response:

HTTP/1.1 201 Created
Content-Type: application/json

{
    "status": "success",
    "data": {}
}

owtf.api.handlers.targets module

owtf.api.handlers.transactions module

owtf.api.handlers.work module

Module contents