This repository has been archived by the owner on Oct 26, 2022. It is now read-only.

Secure-Booking-Service/Dynamic-Application-Security-Testing


Dynamic Application Security Testing



This repository contains workflow files for GitHub Actions. Each workflow performs either a ZAP full scan or a ZAP API scan.

Message from the OWASP ZAP Team:

WARNING [these actions] will perform attacks on the target website [or api]. You should only scan targets that you have permission to test. You should also check with your hosting company and any other services such as CDNs that may be affected before running this action. ZAP will also submit forms which could result in a large number of messages via, for example, 'Contact us' or 'comment' forms.

Setup

To set up this project, define the following repository secrets:

ZAP_FULL_SCAN_TARGET

Target URL for the ZAP full scan.

ZAP_API_SCAN_FILE

Target API definition, given as a local file or as a URL like https://www.example.com/openapi.json

ZAP_API_SCAN_FILE_FORMAT

The format of the definition: openapi, graphql or soap.

ZAP_GLOBAL_CMD_OPTIONS

Additional command line options for the scan script.
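
How the four secrets above could be wired into the ZAP actions, shown as an added example and not one of this repository's own workflow files. It assumes the official `zaproxy/action-full-scan` and `zaproxy/action-api-scan` actions; the workflow name, job names, trigger and version pins are illustrative choices.

```yaml
# Added example: illustrative workflow, not this repository's own file.
name: DAST (example)

on:
  workflow_dispatch:   # manual trigger only: the scans actively attack the target

permissions:
  contents: read       # least privilege; issue writing is disabled below

jobs:
  full-scan:
    runs-on: ubuntu-latest
    steps:
      - name: ZAP full scan
        uses: zaproxy/action-full-scan@v0.10.0   # assumed pin; use a release you have vetted
        with:
          target: ${{ secrets.ZAP_FULL_SCAN_TARGET }}
          cmd_options: ${{ secrets.ZAP_GLOBAL_CMD_OPTIONS }}
          allow_issue_writing: false   # keep findings in the workflow artifact only
          fail_action: true            # fail the job when ZAP raises alerts

  api-scan:
    runs-on: ubuntu-latest
    steps:
      # Needed only when ZAP_API_SCAN_FILE is a path inside the repository.
      - uses: actions/checkout@v4
      - name: ZAP API scan
        uses: zaproxy/action-api-scan@v0.7.0     # assumed pin; use a release you have vetted
        with:
          target: ${{ secrets.ZAP_API_SCAN_FILE }}
          format: ${{ secrets.ZAP_API_SCAN_FILE_FORMAT }}   # openapi, graphql or soap
          cmd_options: ${{ secrets.ZAP_GLOBAL_CMD_OPTIONS }}
          allow_issue_writing: false
          fail_action: true
```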


Icon by Bootstrap published under MIT licence.

About

Run DASTs via ZAP powered by GitHub Actions
