
Allow to filter out Analyser requests in the Active Scan tab #7698

Open
rodneylive opened this issue Jan 18, 2023 · 5 comments

Comments

@rodneylive (Author)

  1. Start with a clean install. Uninstall and delete the old database if you have to. This issue will not appear if you do an in place upgrade from 2.11.1 to 2.12.0.
  2. Start ZAP 2.12.0. If this is a new install, you might have to let it update the add-ons and restart ZAP.
  3. Select Analyse/Scan Policy Manager from the menu.
  4. Press Add button.
  5. Call this new Policy "allOff".
  6. In the Apply dropdown select "Off", make sure the Threshold dropdown is set to "All" and press the GO button.
  7. Quickly review the new policy to ensure the threshold for all rules is OFF, then press the OK button.
  8. Close the Scan Policy Manager dialog.
  9. Select Tools/Options from the menu.
  10. Select Active Scan from the side menu.
  11. Set the Default Active Scan Policy to allOff.
  12. Set the Attack Mode Scan Policy to allOff.
  13. Press OK to close the Options dialog.
  14. At this point, start your web browser and make sure it is configured to send traffic through your ZAP proxy.
  15. Browse to your test website.
  16. In the Sites list, right-click your test domain and select Include Site in Context/Default Context.
  17. Press OK to close the Session Properties dialog.
  18. On the History tab, press the Filter button to confirm your scope is correct.
  19. Use the dropdown in the top left corner to put ZAP into ATTACK Mode.
  20. Now browse around your test site a little.
  21. Back in ZAP, switch to the Active Scan tab. Notice there are several requests listed there, even though all tests should have been turned off.

I confirmed this on both Windows and Linux, but it does require a clean install.

(Screenshot: ZAP Active Scan)

@rodneylive rodneylive changed the title Request appearing in Active Scan tab even though all attack rules have been turned off. Requests appearing in Active Scan tab even though all attack rules have been turned off. Jan 18, 2023
@kingthorin (Member)

kingthorin commented Jan 18, 2023

Analyzer isn't a "rule", it can't be disabled. If you don't want to scan something, simply don't scan it. Also, Analyzer's coverage/usage was expanded in 2.12 (#7181).

In the future, please use the established issue templates: https://github.com/zaproxy/zaproxy/issues/new/choose

@thc202 thc202 closed this as completed Jan 18, 2023
@rodneylive (Author)

This didn't happen in any version until 2.12.0. When I revert to 2.11.0 it works as expected. Please try it before you close it.

@thc202 (Member)

thc202 commented Jan 18, 2023

Did you read the above comment? The behaviour you are seeing is the expected behaviour.

@rodneylive (Author)

rodneylive commented Jan 18, 2023

I understand what you are both saying. But as a pentester I often only run one active scan rule because I'm searching for something very specific. This "analyzer" rule is adding requests to the Active Scan tab that are just noise and make it difficult to see the requests that I really want to see.

@thc202 thc202 changed the title Requests appearing in Active Scan tab even though all attack rules have been turned off. Allow to filter out Analyser requests in the Active Scan tab Jan 18, 2023
@thc202 (Member)

thc202 commented Jan 18, 2023

Issue updated to match what you really want.

@thc202 thc202 reopened this Jan 18, 2023