Zap's Disk Usage

[Gannicus 999]

Hi Everyone

Few days ago i was doing a scan using zap against a website. First of all it was taking to much time but since it was a big website i tought that is okay so i decided to let it run. My main problem is, after running more than 15 hours i realised that it created a data file more than 50GB big even though i didn't check the persist session box. Eventually i run out of disk space and zap is crushed. My quesstion is; why it is using so much disk space and is there a way to make it use less space than that. (im okay if it doesn't record everything, i just need a report for once.)

Second Question

I dont know if it's okay to ask multiple questions at once, so if its not okay, forgive me.

After that scan i did some research in order to make the zap run faster, i read the official documentations and found this at "Max Results to List" part: 

"Displaying a large number of results can significantly increase the time a scan takes."

By default this setting in zap is set to 1000, im thinking about decreasing it but i didn't fully get what this option does, is it okay to set it say 50 or 100, how much it effects the overall speed and what would i lose if i decrease it to much? To sum up, i would like to get a little more information about this setting.

Thanks in Advance

[Simon Bennetts]

Hiya,

ZAP will always use a HSQLDB db persisted to disk no matter what option you choose. The only difference is that when you choose not to persist it then it deletes it at the end.

If we didnt write to disk then we would run out of memory _really_ quickly ;)

The "Max Results to List" only affects the UI I'm afraid, so that wont help you.

Right now we don't have a large number of options for you I'm afraid.

However definitely disable the recovery log using the database.recoverylog=false config option.

I have heard that some people have made core changes which apparently reduce the amount of data that ZAP persists to disk.

I'll see if I can find out more about this.

Cheers,

Simon