ZAP WebSocket扫描
[英]ZAP websocket scanning
问题描述
I have a java application, that only communicates via websocket on port 1234. I'd like to use ZAP for some fuzz testing. 
我有一个Java应用程序,仅通过端口1234上的websocket通信。我想使用ZAP进行一些模糊测试。 The thing is I can't make OWASP ZAP to see my application. 问题是我无法使OWASP ZAP看到我的应用程序。 If I want to add it as a site, it won't let me because I can add only http sites. 如果我想将其添加为网站,则不会允许我,因为我只能添加http网站。 I can't scan "ws://127.0.0.1:1234". 我无法扫描“ ws://127.0.0.1:1234”。 How can I do that? 我怎样才能做到这一点? I checked the ZAP Wiki, and blogs about adding "websocket sites", but they all added it via http, but I can't do that. 我检查了ZAP Wiki,以及有关添加“ websocket网站”的博客,但是他们都通过http添加了它,但我不能这样做。 I tried a few other tools as well, none seems to work. 我也尝试了其他一些工具,但似乎没有一个起作用。
Any help is appreciated. 任何帮助表示赞赏。
1 个解决方案
解决方案1
1 2019-03-07 18:03:10
We've got some changes in the pipeline that might make this easier. 我们在管道中进行了一些更改,这些更改可能会使此操作更加容易。 I'll aim to get back to you asap. 我将尽快与您联系。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.