Bhuvana Dhanam
Reputation: 43
Zap docker - Active scan
Is there a way to run active scan through ZAP docker?
I have a web application that requires login and after login I need to record the actions I am doing in UI and need to do active scan against that page. It is a form based web application.
We are using python with selenium for UI automation.
Upvotes: 1
Views: 1528
Answers (1)
Simon Bennetts
Reputation: 6196
Yes, via the Full Packaged Scan: https://www.zaproxy.org/docs/docker/full-scan/ Setting up authentication is also possible - we've just published a video walking through this process: https://www.youtube.com/watch?v=BOlalxfdLbU
Upvotes: 2
Related Questions
- Zap2Docker custom scan rules
- ZAP active scan works in desktop but fails in docker image with url_not_in_context error
- Scanning APIs with ZAP Docker image - How to provide Bearer Token?
- How to run ZAP Scan to scan another container
- OWASP Zap Docker scan spidering out-of-scope items
- OWASP ZAP docker returns 'Connection refused' when running active-scan
- Scanning Rest API's through OWASP zap inside a docker environment
- How to run OWASP Zed Attack Proxy ZAP's zap-api-scan.py without requiring docker
- Zap scan is not running SOAP injection test
- Pass login parameters to scan with owasp zap on docker command