Target Url Questions with ZAP automation framework
67 views
Skip to first unread message
Jin Lu
Mar 20, 2024, 8:40:52 AM3/20/24
to ZAP User Group
Hello guys,
I am testing the ZAP automation framework right now, wish to understand the spidering functions of ZAP.
Like following picture shows, I input same IP with https://, http:// and with its ports. I notices that the one with ports are not scanned, only with http and https.
So my question is, if I only have one IP as target each time, do I need to input it in all formats and with its ports , or simply just input http:// and https://
Thanks a lot,
Jin
Simon Bennetts
Mar 22, 2024, 5:46:47 AM3/22/24
to ZAP User Group
The ZAP spiders only have one starting point.
If you dont specify a starting point for them in the AF then they will choose the first URL of the first context.
If you want to spider using multiple starting points then include a spider job for each of them and specify the relevant URL.
Cheers,
Simon
thc...@gmail.com
Mar 25, 2024, 3:18:12 AM3/25/24
to zaprox...@googlegroups.com
You can also use the requestor job to access those additional
schemes/ports which would then be used as seeds by the spider (assuming
they are under the context).
https://www.zaproxy.org/docs/desktop/addons/automation-framework/job-requestor/
Best regards.
schemes/ports which would then be used as seeds by the spider (assuming
they are under the context).
https://www.zaproxy.org/docs/desktop/addons/automation-framework/job-requestor/
Best regards.
Reply all
Reply to author
Forward
0 new messages