Alex
Reputation: 372
zaproxy - API scan - how to point a specification file
I have a specification file api.yaml As I understand I should use it like the following:
docker run -t owasp/zap2docker-weekly zap-api-scan.py -t api.yaml -f openapi
Should I put the file to some zap's directory?
Upvotes: 1
Views: 1299
Answers (1)
Omer Levi Hevroni
Reputation: 1997
It's more like a docker question: The file needs to be accessible inside the container, so you'll need to mount a volume (e.g. the folder containing this file) - check out the documentation for more details. Than, you can use the file using the mount point, for example:
docker run -v /path/to/dir:/app/config -t owasp/zap2docker-weekly zap-api-scan.py -t /app/config/api.yaml -f openapi
Upvotes: 2
Related Questions
- Zap2Docker custom scan rules
- Set authentication header in zap docker based API scan
- Create ZAP context using ZAP-CLI
- ZAP: Exploring APIs - how to set header parameters in UI?
- Utilizing ZAP for RESTAPI testing
- Exclude URL in ZAP proxy scanning run as daemon
- How to run OWASP Zed Attack Proxy ZAP's zap-api-scan.py without requiring docker
- zaproxy - API scan with request header
- zaproxy - API scan - missing c in config
- Passing config values to OWASP ZAP rest api script as a file: format?