Usage Instructions

Packaged Scans

All of the docker images (apart from the 'bare' one) provide a set of packaged scan scripts:

- Baseline Scan, which runs the ZAP spider against the target for (by default) 1 minute, followed by an optional AJAX spider scan, before reporting the results of the passive scanning.
- Full Scan, which runs the ZAP spider against the target (by default with no time limit), followed by an optional AJAX spider scan and then a full active scan, before reporting the results.
- API Scan, which performs an active scan against APIs defined by OpenAPI or GraphQL (post 2.9.0), via either a local file or a URL.

The packaged scans are the simplest way to automate ZAP in docker, but also see the GitHub actions if you already use GitHub.

The docker file now supports healthcheck. The check uses the zap-cli status to check that ZAP completed loading. If you are running ZAP on a port other than the default 8080, you need to set the ZAP_PORT environment variable.
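One way to wrap the three packaged scans for a CI job and gate the build on the result, as an added example that is not from this page or the ZAP project. Assumptions not stated on the page: the image name `owasp/zap2docker-stable`, the script names and flags, and the exit-code meanings (0 pass, 1 FAIL, 2 WARN only, other values scan error) follow the ZAP project's published usage; the function names and the target `https://staging.example.test` are hypothetical placeholders for an application you operate.

```shell
#!/bin/sh
# Added example: CI wrapper for the ZAP packaged scans (not the project's own code).
# Assumed, not on the page: image name, script names, flags, exit-code meanings.
ZAP_IMAGE="${ZAP_IMAGE:-owasp/zap2docker-stable}"

# Map a scan type to its packaged script and arguments.
# Targets are URLs or file names without spaces, so the result is safe to word-split.
zap_scan_args() {
    case "$1" in
        # Passive only: spider for 1 minute (the default), then report.
        baseline) echo "zap-baseline.py -t $2 -m 1 -r zap-report.html" ;;
        # Active scan: bound the spider to 5 minutes so the job terminates.
        full)     echo "zap-full-scan.py -t $2 -m 5 -r zap-report.html" ;;
        # Active scan of an API definition (openapi or graphql).
        api)      echo "zap-api-scan.py -t $2 -f ${API_FORMAT:-openapi} -r zap-report.html" ;;
        *)        return 64 ;;
    esac
}

# Translate the packaged scan's exit status into a CI verdict.
zap_verdict() {
    case "$1" in
        0) echo pass ;;
        1) echo fail ;;   # at least one rule at FAIL level
        2) echo warn ;;   # WARN-level findings only
        *) echo error ;;  # the scan itself did not complete
    esac
}

# Run one scan; succeed only on pass or warn.
run_zap_scan() {
    args=$(zap_scan_args "$1" "$2") || { echo "unknown scan type: $1" >&2; return 64; }
    rc=0
    # Mount the working directory so zap-report.html lands on the host.
    # shellcheck disable=SC2086  # splitting $args into words is intended
    docker run --rm -t -v "$(pwd):/zap/wrk/:rw" "$ZAP_IMAGE" $args || rc=$?
    verdict=$(zap_verdict "$rc")
    echo "ZAP $1 scan of $2: $verdict (exit $rc)"
    [ "$verdict" = pass ] || [ "$verdict" = warn ]
}

# Usage (constructed target):
#   run_zap_scan baseline https://staging.example.test
```

Treating `error` as a failure matters: a scan that never reached the target otherwise looks like a clean run.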