asenec4
Reputation: 387
ZAP API scan context file format
I'm running the ZAP API scan script on a REST API but I have to host the Open API spec file on my own web server. When I run the scan it logs alerts against the URL where the spec is hosted, I would like to exclude it from the context. I saw that you can provide a context file using the following command line flag
-n context_file context file which will be loaded prior to scanning the target
I was wondering where I could find the format of the context file?
Upvotes: 0
Views: 2064
Answers (1)
kingthorin
Reputation: 1526
Launch ZAP desktop, create the context with the details you want, export it and use it in your API scan.
Upvotes: -1
Related Questions
- OWASP ZAP - Scan a list of url
- Zap2Docker custom scan rules
- Set authentication header in zap docker based API scan
- Unable to Start active scan (ascan) on given context with Zap Proxy
- Create ZAP context using ZAP-CLI
- How to add target to Default context in ZAPapi using python?
- zaproxy - API scan - how to point a specification file
- how to use ZAP to scan HTTP security header?
- zaproxy - API scan with request header
- zaproxy - API scan - missing c in config