Groups keyboard shortcuts have been updated
Dismiss
See shortcuts
How to get a report of Passing and Failed Tests in ZAP Active Scan
1,053 views
Skip to first unread message
Omkar Kumbhar
Sep 7, 2022, 2:49:47 AM9/7/22
to OWASP ZAP Developer Group
Hi Team,
I am trying to export ZAP active scan report in json and importing that report into Heimdall. We use Heimdall as our reporting dashboard where we upload reports from different tools and see the results at one place.
However, whenever I upload ZAP active scan json based report in Heimdall, it only shows failed tests (These are the vulnerabilities reported by ZAP tool) but we are expecting that the report should show number of test cases passed vs number of test cases failed.
Is there any way in ZAP where we can export this kind of report? If there is no such report-template available now then is there any plan to develop such report template in future?
Thanks,
Omkar
psiinon
Sep 7, 2022, 3:39:01 AM9/7/22
to OWASP ZAP Developer Group
Hi Omkar,
The full list of reports available, and what they provide, is here: https://www.zaproxy.org/docs/desktop/addons/report-generation/templates/
The Modern HTML Report with themes and options report does show passing tests as well as failing ones/
If that doesnt work for you then it fairly easy to create your own reports (especially if you rip off existing ones;) : https://www.zaproxy.org/docs/desktop/addons/report-generation/create/
If you create any that you think other people may find useful then please contribute them back - we can help with the PR etc.
Cheers,
Simon
Travaca
Oct 3, 2023, 3:44:31 PM10/3/23
to ZAP Developer Group
Hey all,
I've been looking for ways to get Pass and Fails in a json or xml report.
I've looked at the links provided here and I'm struggling to gather how I can use this information to get what I need.
I'm using zap docker containers and successfully running zap.sh, zap-baseline.py, and zap-full-scan.py; it prints out Pass, Fail, Warn in the terminal but the report only go as far as Warn, still cant get Passes to show.
Any advice would be appreciated!
Travaca
I've been looking for ways to get Pass and Fails in a json or xml report.
I've looked at the links provided here and I'm struggling to gather how I can use this information to get what I need.
I'm using zap docker containers and successfully running zap.sh, zap-baseline.py, and zap-full-scan.py; it prints out Pass, Fail, Warn in the terminal but the report only go as far as Warn, still cant get Passes to show.
Any advice would be appreciated!
Travaca
psiinon
Oct 4, 2023, 3:21:02 AM10/4/23
to ZAP Developer Group
The previous answer still stands.
The reports are all described on https://www.zaproxy.org/docs/desktop/addons/report-generation/templates/
Only the Modern HTML Report with themes and options report shows the passing results, and thats not accessible via the Packaged Scans.
The Packaged Scans are always going to be limited in some way.
Have a look at the Automation Framework (AF): https://www.zaproxy.org/docs/automate/automation-framework/
This is much more flexible and does support all of the reports.
We are also migrating the Packaged Scans to use the AF under the hood.
Cheers,
Simon
hailez antony
Dec 11, 2024, 9:33:32 AM12/11/24
to ZAP Developer Group
I am running the zap-stable Docker image and performing scheduled scans on my websites using the fullscan.py script. The scans are executed without using the GUI, and the generated reports are automatically uploaded to our storage system. Currently, the reports are created using the traditional HTML template. I would like to switch to the modern HTML template format. What changes do I need to make to achieve this from the command line.
psiinon
Dec 11, 2024, 10:12:18 AM12/11/24
to ZAP Developer Group
These questions are all about how to use ZAP - please ask them on the ZAP User Group: https://groups.google.com/group/zaproxy-users
Cheers,
Simon
Reply all
Reply to author
Forward
0 new messages