How to analyze OWASP ZAP scan results effectively
After a run, I am getting a lot of URLs which are not vulnerabilities. Is there any way that we can analyze the reports easily?
The ZAP HTML report should only contain potential issues. If it's including things that you think are not issues then you'll need to let us know what they are. Note that
I propose a strategy:
After that, you will be able to eliminate or address most of the findings, so in the next iteration, you can exclude the non-issues from the scan.
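One way to do this kind of triage over a JSON export of the report, as an added example that is not part of either answer: it collapses per-URL instances into one entry per rule, drops instances already reviewed as non-issues, and sorts what remains by risk. The field names assume ZAP's traditional JSON report layout, the sample report is constructed, and `REVIEWED_NON_ISSUES` is a hypothetical list of your own triage decisions.

```python
import json
import re
from collections import defaultdict

# Constructed sample, trimmed to the fields used here; the layout is assumed
# to follow ZAP's traditional JSON report (site -> alerts -> instances).
SAMPLE_REPORT = json.dumps({"site": [{"@name": "https://app.example.test", "alerts": [
    {"pluginid": "10021", "alert": "X-Content-Type-Options Header Missing",
     "riskcode": "1", "instances": [
         {"uri": "https://app.example.test/static/app.js"},
         {"uri": "https://app.example.test/static/site.css"},
         {"uri": "https://app.example.test/api/profile"}]},
    {"pluginid": "40012", "alert": "Cross Site Scripting (Reflected)",
     "riskcode": "3", "instances": [
         {"uri": "https://app.example.test/search?q=test"}]},
    {"pluginid": "10027", "alert": "Information Disclosure - Suspicious Comments",
     "riskcode": "0", "instances": [
         {"uri": "https://app.example.test/static/vendor.js"}]},
]}]})

# Hypothetical triage decisions: (plugin id, URL regex) pairs already reviewed
# and judged to be non-issues for this application.
REVIEWED_NON_ISSUES = [
    ("10021", r"/static/"),
    ("10027", r".*"),
]

def triage(report_text, reviewed=REVIEWED_NON_ISSUES):
    """Group alert instances by rule, dropping instances already reviewed."""
    rules = [(pid, re.compile(rx)) for pid, rx in reviewed]
    open_items = defaultdict(list)
    suppressed = 0
    for site in json.loads(report_text).get("site", []):
        for alert in site.get("alerts", []):
            key = (int(alert["riskcode"]), alert["pluginid"], alert["alert"])
            for inst in alert.get("instances", []):
                if any(pid == alert["pluginid"] and rx.search(inst["uri"]) for pid, rx in rules):
                    suppressed += 1
                else:
                    open_items[key].append(inst["uri"])
    # Highest risk first, so review time goes to the findings that matter most.
    return sorted(open_items.items(), key=lambda kv: -kv[0][0]), suppressed

if __name__ == "__main__":
    findings, hidden = triage(SAMPLE_REPORT)
    for (risk, pid, name), uris in findings:
        print(f"risk={risk} rule={pid} {name}: {uris}")
    print(f"{hidden} instance(s) suppressed as reviewed non-issues")
```

Keeping the reviewed list in version control next to the scan configuration gives each suppression an author and a date, which makes it easier to revisit when the application changes.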