Configure - OWASP ZAP Automated Scan
Question
I'm looking at a scenario where OWASP ZAP Automated Scanner will do the following:
- Go through every parameter in a request
- Apply all stored payloads for XSS, SQL, Overflow vulnerabilities etc, Say a 100 payloads per vulnerability
- This should repeat for all the requests that are recorded in ZAP.
Is it possible with the existing Automated Scanner ? If no, can i manually configure the fuzzer through ZAP API's to do so ? If Yes, please provide information on the same
1 answers
solution1
1 ACCPTED 2015-10-07 09:14:22
也已在ZAP用户组上询问(并回答:)此问题: https : //groups.google.com/d/msg/zaproxy-users/HmRI8NbfU4w/bwkUzcjpBQAJ,因此在此处重复讨论没有任何意义...
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.
Related Question
OWASP ZAP Not receiving Alerts for subsequent active scan
How to scan particular URL or page alone in owasp zap
How to configure active scan input vectors in ZAP?
Automating OWASP ZAP with PHP
How to add false positive using XSLT file in OWASP ZAP scan in Azure DevOps?
OWASP Zap scan option is grayed-out for multi-selected URLs
Owasp ZAP not performing authentication during active scan using “Form-Based-Authentication” ON python project
OWASP ZAP scan returns “Application Error Disclosure” to javascript library. Is it false positive? How to proove that or fix?
Header Based Authentication in Owasp zap
OWASP ZAP: Active Scanner in Continuos Integration
Related Tags