Highest Voted 'zapproxy' Questions

2

votes

1 answer

How to check if ZAP reports/alerts have been generated after scan?

I'm currently interacting with ZAP using the REST-API (using Groovy as a language). What I want to achieve is to start a scan and retrieve the results once the scan has finished. I'm currently looking on the scan status and I've assumed, that I can…

zap zapproxy

asked Aug 01 '17 at 12:17

Kevin Wittek

1,369
9
26

1

vote

1 answer

Unable to Start active scan (ascan) on given context with Zap Proxy

Was trying to automate zap proxy scan on website. Below is my flow Start Zap proxy Create new session (/JSON/core/action/newSession/?apikey=12345&name=NewSession&overwrite=true) Create new Context…

zap zapproxy

asked Apr 19 '20 at 09:47

Dileep17

299
3
18

1

vote

1 answer

How to integrate selenium and ZAP

I am planning to automate security testing for a web application. I have the selenium code which is developed using JAVA language, now I need to integrate with ZAP. Kindly help me how to integrate these two and generate the reports for the same.

java selenium security zap zapproxy

asked Dec 19 '17 at 08:07

MoNa

365
4
13
31

0

votes

0 answers

Selenium script throws error when I run in headless mode with ZAP proxy

Below code is running successfully in normal mode but it is throwing following error when I run in headless mode org.openqa.selenium.ElementNotInteractableException: element not interactable: link has no size and location My understanding is when…

selenium selenium-webdriver headless zap zapproxy

asked Sep 27 '22 at 16:53

Giri

9
1

0

votes

1 answer

Zap proxy not working for a specific site

I set up Zap proxy. I see it received traffic from other sites except for: http://quiz.aisolutions.com.vn/. It just hung at the login. Tried several ways like changing port number to 8082 but not work

zap zapproxy

asked Jul 05 '22 at 10:01

Bùi Thái

3
1

0

votes

1 answer

Getting Authentication failed for user on running owasp ZAP scanAsuserAPI

I have used ZAP Desktop using form based authentication, zap runs perfectly fine on Desktop app. However as the web application i am using also has _csrf_token is passed along with username and Password I chose to automate it with manual…

owasp zap zapproxy

asked Oct 21 '21 at 13:58

Ashu123

352
2
6
19

0

votes

1 answer

Facing issue with ZAP integration in Node JS

I am new to ZAP and node.js My Aim is to Scan for vulnerabilities in for any webapp and generate a report (JSON). I tried with below code, it gives me error const ZapClient = require('zaproxy'); const zapOptions = { apiKey: 'myAPIKEY' proxy:…

node.js zap zapproxy

asked Jul 23 '21 at 12:51

Sunils

27
12

0

votes

1 answer

Authentication not happening through ZAP API Scan docker image

Initially I tried authenticating API's through ZAP UI. I have a folder structure which has Context, wrk->script->authentication->bearer-token.js, wrk ->script->httpsender->header-set-bearer-token.js, wrk ->script->zap_hooks.py. While authenticating,…

docker swagger owasp zap zapproxy

asked Jul 14 '21 at 05:24

Apurva

63
1
6

0

votes

1 answer

Create ZAP context using ZAP-CLI

I am planning to automate the entire ZAP scanning using ZAP CLI ZAP uses a context for form-based authentication. This context can easily be created manually using ZAP UI. But I need to automate this context creation so that any application with the…

authentication automation command-line-interface zap zapproxy

asked Mar 18 '21 at 12:03

Kapil Khandelwal

1,096
12
19

0

votes

0 answers

OWASP ZAP Jenkins job not providing all the alert results

I am new to OWASP ZAP. I have ZAP Desktop set up done, where i inject the Web Application host with port and it takes about 5-6 minutes to complete the spider scan and when i see the Alerts section i see one Medium Alert and a lot of Low…

jenkins owasp zap zapproxy

asked Feb 02 '21 at 07:44

Ashu123

352
2
6
19

0

votes

1 answer

zapproxy full-scan is not running the provided script when using docker image

I would like to start a httpsender script on every request during the zap full scan. So I did docker run -v $(pwd):/zap/wrk/:rw -h -t owasp/zap2docker-weekly zap-full-scan.py -t https://www.test.com -z "-config script.scripts.name=http_parameters…

docker owasp zap zapproxy

asked Jan 15 '21 at 09:37

karlos

807
1
8
38

0

votes

1 answer

ZAP Authentication for recorded api calls

Im automating security scans by proxying my UI tests via Zap. For each security scan run, new zap session is created and requests are proxied. In our App, access token from login api's response is set in authentication header for authentication…

zap zapproxy

asked Jul 02 '20 at 15:48

Dileep17

299
3
18

0

votes

0 answers

Basic Authorization in Zapproxy API

I have this curl to call an api: curl -X POST -u user:password /to/the/end/point And if i get the request with zapproxy i can send this and do an active attack, but i am trying this calling to the python api. I cant authenticate using basic…

api authentication owasp zap zapproxy

asked Jun 19 '18 at 12:41

Pan conPan

15
3

0

votes

2 answers

org.zaproxy.clientapi.core.ClientApiException: java.net.ConnectException: Connection refused: connect error while connecting to ZAP using Java API

I am trying to integrate selenium with ZAP. To achieve this, I have used the below code to open the ZAP tool automatically before launching the browser using selenium. The issue I am facing is that the ZAP tool is not opening properly, it got stuck…

security selenium-webdriver penetration-testing zap zapproxy

asked Dec 20 '17 at 09:52

MoNa

365
4
13
31

0

votes

1 answer

Adjusting Docker Run command to gItlab-ci.yaml for OWASP ZAP image

Trying to run OWASP ZAP Docker Build in the headless mode described here: docker run -u zap -p 8080:8080 -i owasp/zap2docker-stable zap.sh -daemon -host 0.0.0.0 -port 8080 But can't figure out how to adapt that to a gitlab-ci.yaml. On gitlab 9.4…

docker-compose gitlab gitlab-ci-runner zap zapproxy

asked Jul 27 '17 at 18:31

Cynic

6,779
2
30
49

Questions tagged [zapproxy]