Skipped Plugin error messages

7 views
Skip to first unread message

AnilKumar Malyala

unread,
Sep 3, 2022, 12:19:55 AMSep 3
to OWASP ZAP Developer Group
Hello All,

I am using java ClientAPI call to scan my API and that example implementation provided, but I see that many stages are skipped but when I scan thru UI i get different vulnerabilities listed. Pls let me know what I am missing here.

56688 [ZAP-ProxyThread-6] INFO  org.parosproxy.paros.core.scanner.Scanner - scanner started
56701 [Thread-9] INFO  org.parosproxy.paros.core.scanner.HostProcess - No nodes to scan [just in scope] from http://localhost:8080, skipping all plugins.
56701 [Thread-9] INFO  org.parosproxy.paros.core.scanner.HostProcess - skipped plugin [no nodes to scan] http://localhost:8080 | PathTraversalScanRule in 0s with 0 message(s) sent and 0 alert(s) raised.
56702 [Thread-9] INFO  org.parosproxy.paros.core.scanner.HostProcess - skipped plugin [no nodes to scan] http://localhost:8080 | RemoteFileIncludeScanRule in 0s with 0 message(s) sent and 0 alert(s) raised.
56702 [Thread-9] INFO  org.parosproxy.paros.core.scanner.HostProcess - skipped plugin [no nodes to scan] http://localhost:8080 | SourceCodeDisclosureWebInfScanRule in 0s with 0 message(s) sent and 0 alert(s) raised.
56702 [Thread-9] INFO  org.parosproxy.paros.core.scanner.HostProcess - skipped plugin [no nodes to scan] http://localhost:8080 | ExternalRedirectScanRule in 0s with 0 message(s) sent and 0 alert(s) raised.
56703 [Thread-9] INFO  org.parosproxy.paros.core.scanner.HostProcess - skipped plugin [no nodes to scan] http://localhost:8080 | ServerSideIncludeScanRule in 0s with 0 message(s) sent and 0 alert(s) raised.
56703 [Thread-9] INFO  org.parosproxy.paros.core.scanner.HostProcess - skipped plugin [no nodes to scan] http://localhost:8080 | CrossSiteScriptingScanRule in 0s with 0 message(s) sent and 0 alert(s) raised.
56703 [Thread-9] INFO  org.parospr


thc...@gmail.com

unread,
Sep 7, 2022, 5:05:43 AMSep 7
to zaproxy...@googlegroups.com
Hi.

Those are not error messages. That indicates there's nothing to scan,
make sure that your context is in scope and that it includes something.

Best regards.
Reply all
Reply to author
Forward
0 new messages