How to set Protected mode in ZAP docker?
204 views
Skip to first unread message
Bhoj Raj Joshi
Aug 6, 2021, 6:21:29 AM8/6/21
to OWASP ZAP Developer Group
Hello there,
As with the ZAP desktop, we can set the required scan mode by going to Edit->ZAP mode->(select the one from: Safe | Protected | Standard | ATTACK), how can I set the same with ZAP docker?
I know how to pass config params using "-z" flag, but can someone tell me what key and value I have to pass with that flag for Protected mode, or for all other modes for that matter?
Additionally, it would be great if there is any link that lists all the potential key/values that can be passed with "-z" flag in the ZAP docker. I tried to google as much as I could but can't find any information on that.
Thanks!
psiinon
Aug 6, 2021, 6:25:50 AM8/6/21
to OWASP ZAP Developer Group
We have a FAQ for that :D
Cheers,
Simon
Bhoj Raj Joshi
Aug 6, 2021, 7:05:17 AM8/6/21
to OWASP ZAP Developer Group
Wow, that is what I was looking for, thanks a lot!
I'm getting the below diff in the xml hierarchy, so I believe that the config param with "-z" flag is: "-config view.mode=protect".
XML diff snippet:
<config>
...
<view>
<locale>en_GB</locale>
...
<mode>protect</mode>
...
I can confirm the same in the zap.out logs:
1285 [main] INFO org.parosproxy.paros.common.AbstractParam - Setting config view.mode = protect was null
However, I noticed one additional property in the logs that was meant to be a comment, any idea how to put comments in the config prop file?
1285 [main] INFO org.parosproxy.paros.common.AbstractParam - Setting config -- = Common properties was null
Thanks!
thc...@gmail.com
Aug 6, 2021, 7:10:59 AM8/6/21
to zaproxy...@googlegroups.com
Start the line with #
Best regards.
On 06/08/2021 12:05, Bhoj Raj Joshi wrote:
> Wow, that is what I was looking for, thanks a lot!
>
> I'm getting the below diff in the xml hierarchy, so I believe that the
> config param with *"-z"* flag is: "*-config view.mode=protect*".
> config view.mode = protect was null*
> config -- = Common properties was null*
>>> mode->(select the one from: Safe | Protected | Standard | ATTACK)*, how
Best regards.
On 06/08/2021 12:05, Bhoj Raj Joshi wrote:
> Wow, that is what I was looking for, thanks a lot!
>
> I'm getting the below diff in the xml hierarchy, so I believe that the
>
> XML diff snippet:
> <config>
> ...
> <view>
> <locale>en_GB</locale>
> ...
> *<mode>protect</mode>*
> XML diff snippet:
> <config>
> ...
> <view>
> <locale>en_GB</locale>
> ...
> ...
> I can confirm the same in the zap.out logs:
> *1285 [main] INFO org.parosproxy.paros.common.AbstractParam - Setting
> I can confirm the same in the zap.out logs:
> config view.mode = protect was null*
>
> However, I noticed one additional property in the logs that was meant to be
> a comment, any idea how to put comments in the config prop file?
> *1285 [main] INFO org.parosproxy.paros.common.AbstractParam - Setting
> However, I noticed one additional property in the logs that was meant to be
> a comment, any idea how to put comments in the config prop file?
> config -- = Common properties was null*
>
> Thanks!
>
> On Friday, 6 August, 2021 at 3:55:50 pm UTC+5:30 psiinon wrote:
>
>> We have a FAQ for that :D
>>
>> https://www.zaproxy.org/faq/how-do-you-find-out-what-key-to-use-to-set-a-config-value-on-the-command-line/
>>
>> Cheers,
>>
>> Simon
>> On Friday, 6 August 2021 at 12:21:29 UTC+2 Bhoj Raj Joshi wrote:
>>
>>> Hello there,
>>>
>>> As with the ZAP desktop, we can set the required scan mode by going to *Edit->ZAP
> Thanks!
>
> On Friday, 6 August, 2021 at 3:55:50 pm UTC+5:30 psiinon wrote:
>
>> We have a FAQ for that :D
>>
>> https://www.zaproxy.org/faq/how-do-you-find-out-what-key-to-use-to-set-a-config-value-on-the-command-line/
>>
>> Cheers,
>>
>> Simon
>> On Friday, 6 August 2021 at 12:21:29 UTC+2 Bhoj Raj Joshi wrote:
>>
>>> Hello there,
>>>
>>> mode->(select the one from: Safe | Protected | Standard | ATTACK)*, how
>>> can I set the same with ZAP docker?
>>>
>>> I know how to pass config params using *"-z" *flag, but can someone tell
>>>
>>> me what key and value I have to pass with that flag for Protected mode, or
>>> for all other modes for that matter?
>>>
>>> Additionally, it would be great if there is any link that lists all the
>>> potential key/values that can be passed with *"-z"* flag in the ZAP
>>> for all other modes for that matter?
>>>
>>> Additionally, it would be great if there is any link that lists all the
Bhoj Raj Joshi
Aug 6, 2021, 7:24:03 AM8/6/21
to OWASP ZAP Developer Group
That's it! Thank you :)
Reply all
Reply to author
Forward
0 new messages