Limiting the number of attacks on a single API


Joseph

Dec 1, 2024, 9:50:15 PM
to ZAP Scripts
I can't really dive into details, but essentially there is an API in our website that can be costly when attacked multiple times. We want to somehow limit the number of attacks on this single API, and I think scripts can do this; I just don't know how. Is there anyone that can help me on this?

Simon Bennetts

Dec 2, 2024, 4:21:08 AM
to ZAP Scripts
If you were talking about proxied requests then you could just use a proxy script like https://github.com/zaproxy/community-scripts/blob/main/proxy/Drop%20requests%20not%20in%20scope.js
For requests coming from ZAP you would have to use an httpsender script... but those don't allow you to completely block the request.
Instead you could use an httpsender script to change the URL to point somewhere else, e.g. a URL that doesn't exist.

Cheers,

Simon
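The approach Simon describes above, as an added example that is not from this thread or from the zaproxy project: an HTTP Sender script that lets a fixed number of active-scan requests through to one costly endpoint and rewrites the URL of every further one to a path that does not exist. The decision logic is kept as plain JavaScript so it can be unit-tested outside ZAP; the `sendingRequest`/`responseReceived` wrappers are the ZAP entry points and use ZAP's Java classes, which exist only inside ZAP. The endpoint path, sink path, budget and the initiator constant are assumptions for the example (`ACTIVE_SCANNER_INITIATOR` is taken to be ZAP's `HttpSender.ACTIVE_SCANNER_INITIATOR`, value 3; check it against your ZAP version's script templates).

```javascript
// Added example (not from the thread or the zaproxy project): ZAP HTTP Sender script
// that budgets active-scan requests to one costly endpoint and reroutes the rest.
// Written in ES5 (var/function) so it loads under both Nashorn and GraalJS in ZAP.

// Hypothetical values, assumed for the example.
var COSTLY_PATH = "/api/expensive-report";   // path of the costly API (placeholder)
var SINK_PATH = "/zap-blocked-request";      // non-existent path, as suggested in the thread
var MAX_ACTIVE_SCAN_REQUESTS = 25;           // how many scanner requests may reach the real endpoint
var ACTIVE_SCANNER_INITIATOR = 3;            // assumed: HttpSender.ACTIVE_SCANNER_INITIATOR in ZAP

var URL_PREFIX_RE = /^([a-zA-Z][a-zA-Z0-9+.-]*:\/\/[^\/?#]+)(\/[^?#]*)?/;

// Returns the path component of an absolute URL ("/" when absent), or null if it is not one.
function pathOf(urlString) {
  var m = URL_PREFIX_RE.exec(urlString);
  if (!m) return null;
  return m[2] || "/";
}

// Counters kept for the lifetime of the script: requests seen for the costly path
// and how many of them were rerouted to the sink.
function newState() {
  return { count: 0, rerouted: 0 };
}

// Returns the URL the request should actually be sent to. Only active-scan requests
// aimed at the costly path are counted; once the budget is spent the path is swapped
// for the sink while scheme, host and query string are preserved.
function routeFor(urlString, initiator, state) {
  if (initiator !== ACTIVE_SCANNER_INITIATOR) return urlString;
  if (pathOf(urlString) !== COSTLY_PATH) return urlString;
  state.count += 1;
  if (state.count <= MAX_ACTIVE_SCAN_REQUESTS) return urlString;
  state.rerouted += 1;
  return urlString.replace(URL_PREFIX_RE, "$1" + SINK_PATH);
}

var scriptState = newState();

// ZAP entry point, called before each request ZAP itself sends. `msg` is ZAP's
// HttpMessage; the URI class is the one ZAP uses for request headers (assumed API).
function sendingRequest(msg, initiator, helper) {
  var original = msg.getRequestHeader().getURI().toString();
  var target = routeFor(original, initiator, scriptState);
  if (target !== original) {
    var URI = Java.type("org.apache.commons.httpclient.URI");
    msg.getRequestHeader().setURI(new URI(target, true));
    print("Budget exhausted for " + COSTLY_PATH + ", rerouted request #" + scriptState.count);
  }
}

// ZAP entry point, called after each response; nothing to do for this script.
function responseReceived(msg, initiator, helper) {}
```

Because the rewritten request still carries the scan rule's payload in the query string, the scanner keeps running against a harmless 404 instead of hammering the real endpoint, and the proxy initiator (value 1 in ZAP) is left untouched so your own browsing through ZAP is unaffected.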

Joseph

Dec 3, 2024, 12:23:50 AM
to ZAP Scripts
Follow up question. Is it possible to have my API scanned only for SQLi and any other attack would change the URL with httpsender scripts?

Simon Bennetts

Dec 4, 2024, 5:33:39 AM
to ZAP Scripts
Of course. Just create a new Scan Policy with only the relevant rules enabled: https://www.zaproxy.org/docs/desktop/start/features/scanpolicy/

Cheers,

Simon