Run just one scan rule


Ján Ambroz

Mar 9, 2022, 5:06:20 PM
to OWASP ZAP Developer Group
How to run just CrossSiteScriptingScanRule in ZAP dev ?

psiinon

Mar 10, 2022, 4:34:50 AM
to OWASP ZAP Developer Group
I actually did this in the workshop I ran yesterday :D
The recording is available on Hopin if you registered for the event, and will be available on YouTube soon as well.
In the meantime I'll give you a quick overview here.
You actually have several options.

If you only want to do this once:
  1. Right click your target in the Sites / History tab and "Attack" -> "Active Scan..."
  2. In the Active Scan dialog enable "Show Advanced Options"
  3. Switch to the "Policy" tab
  4. Apply "OFF" Threshold To "All" Rules and click "Go" - this will turn all of the active scan rules off
  5. Select "Injection" in the left hand panel, then click on the "Default" Threshold for the "Cross Site Scripting (Reflected)" test and change it to "Medium"
  6. Click "Start Scan"

If you're going to want to do this several times then you can create a Scan Policy for this:
  1. On the main ZAP toolbar click on the "Scan Policy Manager..." button (the mixing desk one)
  2. Click "Add" (on the right hand side)
  3. Put something that makes sense to you in the "Policy" field, eg "XSS Reflected"
  4. Follow the steps 4 and 5 from above
  5. Click "OK" at the bottom
  6. When you want to run a scan you will now have this policy available in the Active Scan dialog
Does that help?
You can also set up an Authentication Plan which just scans for specific vulnerabilities as well if you want to automate this.

Cheers,

Simon
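As an added illustration (not part of Simon's reply, and not taken from the ZAP project's own docs): the same single-rule policy expressed as a ZAP Automation Framework plan, which is the route to take if you want to automate this. The target URL is a placeholder, and the rule id 40012 for "Cross Site Scripting (Reflected)" comes from ZAP's scan rule list rather than from this thread.

```yaml
# Added example: Automation Framework plan that runs only the
# "Cross Site Scripting (Reflected)" active scan rule.
# Run headless with:  zap.sh -cmd -autorun /path/to/plan.yaml
env:
  contexts:
    - name: "target"
      urls:
        - "http://localhost:8080/"   # placeholder, replace with your own target
  parameters:
    failOnError: true
    progressToStdout: true

jobs:
  # Populate the site tree first so the active scanner has URLs to attack.
  - type: spider
    parameters:
      context: "target"

  - type: activeScan
    parameters:
      context: "target"
    policyDefinition:
      # Same effect as step 4 above: every rule OFF by default ...
      defaultStrength: "Medium"
      defaultThreshold: "Off"
      rules:
        # ... and step 5: re-enable just the reflected XSS rule at Medium.
        - id: 40012    # assumption: rule id taken from ZAP's rule list
          name: "Cross Site Scripting (Reflected)"
          threshold: "Medium"
          strength: "Medium"
```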

Ján Ambroz

Mar 10, 2022, 3:17:06 PM
to zaproxy...@googlegroups.com
Hi Simon,

I just watched the video and it answered my question.

Thank you
Jan

--
Ján Ambroz