-
-
Notifications
You must be signed in to change notification settings - Fork 2.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Scan URl via API in daemon mode #1775
Comments
ZAP expects the parameter What ZAP version are you using? |
I using version 2.4.1. i updatet from 2.4.0 last week, this is my logfile: |
The |
There's a missing "not" in previous answer: |
allright but if i change the url to my url looks like: http://zap/JSON/ascan/action/scan/?url=http://localhost/webaktesecurity/home is their any problem with scanning localhost urls's first i try it locally |
To which error are you referring with "same problem"? Note that you need to access the target URL before starting the scan, also, if you just want to scan one URL you need to set the parameter P.S. Deleted all the path traversal comments. |
Hello again, Thanks a lot for your help. I' dont know what's going wrong. maybeI'll tell you my approach: I wan't to integrate owasp in Teamcity build server. if i understand you right. At the end I would like to make an evaluation of the following XML, so as not to deploy the version on the server, if we have to many security bugs. http://localhost:8080/OTHER/core/other/xmlreport/ what i have to do if i want to do it automaticlly ? regards |
You don't need to proxy through the Firefox, you just need to open the URL with ZAP as the proxy first to add it to the sites tree (i.e. make a request to it with localhost:8080 as the proxy). If you're using one of the API clients, this should happen with their relevant URL open method. For example, in Python you'd use the urlopen method before running the spider and/or active scan. See the ApiPython page for an example, or you can take a look at the CLI client I wrote for more examples if that's useful. You can also look at info on the Java API which links to examples, and there are more to be found in various places, or clients for many other languages. |
ok I want to try to explain exactly what I'm doing i found some skript I tried it this steps are clear everythink works fine, i can start zap via UI or via Console App but: this not 2015-08-13 10:40:06,894 [main ] INFO ZAP - OWASP ZAP 2.4.1 started. i have no idea whats going wrong any help the application crashes here Der Remoteserver hat einen Fehler zurückgegeben: (500) Interner Serverfehler if i start the _target in Browser i can see my side Any IDEA's i only want that this example running and i can make my work. i don't know why i have this error. |
Does |
ok thanks a lot it's working |
Hey |
Can you reopen my Issue or if i create a new issue |
This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs. |
I'd like to scan one Url via API
by example:
zap/JSON/ascan/action/scan/?url=google.de
then i have no results i have an exception like
"Beim Auswerten des JSON-Dokuments trat ein Fehler auf. Eventuell ist das Dokument nicht nach den Spezifikationen aufgebaut.
unexpected character at line 1 column 1
Parameter unvollständig (missing_parameter) : url"
what i'm doing wrong ?
The text was updated successfully, but these errors were encountered: