简体繁体中英

ZAP websocket scanning

原文 2019-03-07 17:48:29 6 1 security/ websocket/ zap/ fuzzing

I have a java application, that only communicates via websocket on port 1234. I'd like to use ZAP for some fuzz testing. The thing is I can't make OWASP ZAP to see my application. If I want to add it as a site, it won't let me because I can add only http sites. I can't scan "ws://127.0.0.1:1234". How can I do that? I checked the ZAP Wiki, and blogs about adding "websocket sites", but they all added it via http, but I can't do that. I tried a few other tools as well, none seems to work.

Any help is appreciated.

1 answers

We've got some changes in the pipeline that might make this easier. I'll aim to get back to you asap.

ZAP docker passive scanning results

OWASP ZAP. How to use a cookie for scanning a website?

Scanning APIs with ZAP Docker image - How to provide Bearer Token?

how to use ZAP JxBrowser in ZAP selenium?

Automating OWASP ZAP with PHP

Testing Session Management with ZAP

How to integrate selenium and ZAP

Configure - OWASP ZAP Automated Scan

How to add ZAP alert through ZAP python api?

ZAP Report is saying SQL injection

暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question ZAP docker passive scanning results OWASP ZAP. How to use a cookie for scanning a website? Scanning APIs with ZAP Docker image - How to provide Bearer Token? how to use ZAP JxBrowser in ZAP selenium? Automating OWASP ZAP with PHP Testing Session Management with ZAP How to integrate selenium and ZAP Configure - OWASP ZAP Automated Scan How to add ZAP alert through ZAP python api? ZAP Report is saying SQL injection

Related Tags

ZAP websocket scanning

Question

1 answers

solution1 1 2019-03-07 18:03:10

solution1
1 2019-03-07 18:03:10