WEBVTT 00:00.720 --> 00:05.960 Continuing from our previous video, I will go ahead and create a tools directory here. 00:06.320 --> 00:11.600 In there I will create this Python file by the name zap proxy. 00:12.080 --> 00:17.880 So that in this particular tool we would invoke the CLI from zap proxy and collect the results. 00:18.240 --> 00:26.160 So for that I'll import a couple of native libraries from Python OS is operating system and subprocesses 00:26.440 --> 00:28.760 and also from crew I pools. 00:28.760 --> 00:31.640 I will import the tools tool library. 00:31.960 --> 00:37.120 Now let me invoke the tool decorator and say this is zap proxy general use. 00:37.440 --> 00:39.360 I'll come back to this tools problem. 00:39.360 --> 00:40.840 We can fix it later on. 00:41.720 --> 00:45.640 And then I'll give the name of the function as zap proxy general use. 00:45.960 --> 00:48.400 I'll go with the website which we want to scan. 00:48.600 --> 00:52.600 And then the response of this will be the text which is in a string format. 00:52.960 --> 00:56.360 I will go ahead and give Python documentation quickly. 00:56.520 --> 01:00.760 Pen testing tool for web security scan using Zap proxy. 01:01.720 --> 01:08.080 So now what I'm going to do here is I'm going to use the imports I used as in like operating system. 01:08.280 --> 01:11.480 I'll change my directory from my current execution. 01:11.760 --> 01:15.880 I'll move to the one where I have installed these proxy. 01:15.880 --> 01:18.240 So I will go ahead and go to program files. 01:18.720 --> 01:21.440 Program files Zed attack proxy. 01:21.960 --> 01:23.800 That's where it has installed the app. 01:23.800 --> 01:24.800 Proxy details. 01:24.960 --> 01:28.360 And now I'll go ahead and invoke the the base command. 01:28.600 --> 01:32.400 So here is the base command that we would use to execute the CLI. 01:32.920 --> 01:38.960 The proxy is part of the the batch script that is part of the installation. 01:39.800 --> 01:43.680 We will use the quick URL and the website that needs to be scanned. 01:43.720 --> 01:47.280 As for pen testing say make it go quicker. 01:47.320 --> 01:50.080 It's a quick progress and it's a command prompt. 01:50.320 --> 01:54.920 This website URL here is basically the one that we would pass here. 01:55.280 --> 02:01.160 So the Agentic experience is smart enough to know that it will extract this URL and inject it to this 02:01.290 --> 02:01.730 tool. 02:02.050 --> 02:03.890 We'll see how all of that works. 02:04.730 --> 02:07.530 Now I'm going to go ahead and run this process. 02:08.010 --> 02:13.730 So this is something that you would want to know as part of the Python or any other programming language 02:13.730 --> 02:14.650 execution. 02:15.010 --> 02:17.970 You have to invoke the CLI for CLI. 02:18.290 --> 02:22.130 It's a different process altogether outside the Python runtime. 02:22.450 --> 02:28.810 So for that subprocess is the package that enables the execution of the process outside the runtime. 02:29.130 --> 02:33.090 So here I will say subprocess p open. 02:33.410 --> 02:39.650 And then I'll give the base command as as one of the parameters I'll say shell is true. 02:40.290 --> 02:43.210 It's a shell scripting and then stdout. 02:43.530 --> 02:46.850 So it's basically the output is subprocess dot pipe. 02:47.130 --> 02:49.930 And there's an error that says subprocess pipe. 02:50.370 --> 02:54.330 And now I will go ahead and capture the output and error here. 02:54.490 --> 03:02.740 Process is will invoke the communicate function which will communicate with the external I call that 03:02.740 --> 03:03.580 it invoked. 03:03.740 --> 03:05.340 Get the response back. 03:05.380 --> 03:11.180 And if it's an error or if it's a response, whatever it is, we will capture it. 03:11.380 --> 03:15.020 In case if it's an error, then we raise an exception. 03:15.220 --> 03:19.740 And if it went well then we return the output in UTF eight format. 03:20.580 --> 03:21.500 This is great. 03:21.740 --> 03:28.980 Let's go ahead and now create the crew base class, where we want to invoke and bring everything that 03:28.980 --> 03:31.460 we wrote together and execute it. 03:31.820 --> 03:37.300 So I have to play around with my packaging structure and eventually the errors are gone because some 03:37.300 --> 03:41.940 of the crew I Python packages were not installed properly. 03:42.140 --> 03:45.300 Having said that, all issues have been resolved. 03:46.020 --> 03:48.940 It was a packaging issue which is now fixed. 03:49.180 --> 03:53.780 I'll go ahead and write the crew I agent and let's execute it together. 03:53.780 --> 03:58.540 Bring every different element together and run it in our next video. 03:58.980 --> 03:59.820 Thank you. 03:59.860 --> 04:01.580 I'll see you in the next video.