Reputation: 242
Get report from OWASP Zap session
I'm trying to get OWASP ZAP to run while I run my cypress tests. I think have it working but can't get a human readable report out. I'm running the daemon
cross-env-shell java -jar ./zap/zap-D-2022-05-16.jar -daemon -port 8080 -config api.addrs.addr.regex=true -config api.disablekey=true -newsession $INIT_CWD/zap-results/session
then I run my cypress test proxied through the port the daemon is running on. I can see the zap-results folder populated, but am not sure how to get an html or similar report from here.
I see references to the -last_scan_report option but that seems depreciated in the build I have. I also don't seem to be able import the session GUI either.
Do I need to change something in my daemon config and/or what cli command can run to export a report?
Upvotes: 1
Views: 637
Answers (1)
Reputation: 6186
First of all, dont run ZAP via the jar - its not designed to be run that way. Use the zap.sh or zap.bat command as appropriate. The recommended ways to automate ZAP are given on https://www.zaproxy.org/docs/automate/
If you are OK using Docker then the packaged scans are a good option, otherwise I'd recommend the Automation Framework.
Note that the ZAP User Group is the best way to get help on using ZAP: https://groups.google.com/group/zaproxy-users
Upvotes: 1
Related Questions
- how to export report using owasp zap session
- How to capture HTTP request in OWASP ZAP
- Owasp zap tool - How to get a list of passed and failed tests?
- How to get CVSS score from CWE/WASC/Source ID in ZAP
- How to working Owasp ZAP on web interface
- ZAP-CLI report generation
- zap not showing correct GET api in summery report
- How to check if ZAP reports/alerts have been generated after scan?
- How to generate full report in owasp zap in any format
- zap proxy how to exlude response from alert tab