Josh-CO Dev

Solving the worlds problems one line of code at a time.


1 Comment

Automating a WebInspect Scan using PowerShell and the WebInspect API

I have been struggling with the WebInspect API for quite some time now. It seems that I could always call the get methods just fine, but some of the post methods had some weird syntax that I could never figure out. After a lot of trial and error, I finally figured out how to use PowerShell to start a scan with the WebInspect API. I am posting this here hoping it will help out others. It seems that Google does not turn up anything on the API other than some HP help files which really do not help.

$wiapiScan = "http://vmwebinspect01:8083/webinspect/scanner" #set this to the location of your webinspect API instance

$body = @{
    settingsName="Default"    #the settings name to use for this scan
    
    overrides= 
    @{
        ScanName="Testing"    #The name to give the scan
        StartUrl="http://scrubbed"   #the url to scan
        CrawlAuditMode="CrawlOnly"   #crawl, audit, or both.
        StartOption="Url"    #refer to the API documentation for the other options
    } | convertto-json
} 

$response = Invoke-webrequest -Method Post -Body $body -Uri $wiapiScan #put it all together

Be sure that $wiapiScan is set to point to your WebInspect instance. Remember that the API has to be configured and started wherever you are hosting WebInspect. In my case, I am using a dedicated VM.


Leave a comment

Powershell – Extract Data from a Database

Another handy thing to do with powershell is extract data from a database. Like everything else Powershell, this is incredibly easy to do.

First you need to setup and connect to the database itself.

	#create our database connection
	$SqlConnection = New-Object System.Data.SqlClient.SqlConnection
	$SqlConnection.ConnectionString = "Server=ServerName;Database=DatabaseName;Integrated Security=True"
	$SqlConnection.Open()

This should be pretty straight forward. Just replace servername and databasename with your information. This connection string is for sqlserver 2012, you can substitute in the connection string for any sql server database.

Next we need to set up our command and hook it up.

	
	#create and set up our sql command
	$SqlCmd = New-Object System.Data.SqlClient.SqlCommand

        $SqlCmd.CommandText = "select * from dbo.table"
	$SqlCmd.Connection = $SqlConnection
        $SqlCmd.CommandTimeout = 0

It’s worth noting here that setting the commandtimeout to 0 overrides the default timeout, which I was having trouble with.

Next, just call the execute reader and load the results in a table.

	#execute our command
	$result = $SqlCmd.ExecuteReader()
	
	#load the results of our command into a datatable
	$table = new-object System.Data.DataTable
	$table.Load($result)

If you have ever programmed in .NET before, all of this should look very familiar. Now, you can do whatever you like with the data. In my case, I loop through it and assign the values to a variable so I can use them later.

	foreach($row in $table)
	{
		#set up our variables based on the data row
		$EmailAddress = $row.Item("Email")
                ...
        }

Also, don’t forget to close out your connection after you are done. This will not happen automatically.

        #close out our sql connection to prevent it from staying open. 
	$SqlConnection.Close()


Leave a comment

Javascript

With all of the HTML5 talk that is going around lately, one item that is commonly associated with HTML5 is javascript. Most of the programmers I work with are all applications programmers and thus know very little about javascript. While researching for some presentations I was putting together, I came across a great article that is essentially a refresher on Javascript. If you are familiar with other client side scripting or have learned Javascript in the past, then this article should be an easy read.

https://developer.mozilla.org/en/A_re-introduction_to_JavaScript


Updates

So, it’s beenĀ a while since I have updated the site. I have been hard at work on my silverlight app and am really not impressed with WordPress. I think I’m actually going to re-do the site with another program. If I don’t find one that I like, then I’m going to have to write my own. We’ll see where this goes, see you in the future!