Can I get request and response history when using ZAP API scan on docker

[Avrinder Singh]

Hello Everyone,

Greetings of the day!

Is there a way I can get requests and response history  in a file when using ZAP API scan on docker.

Basically I want to see which what exact payload ZAP used and response ZAP got from a API server.

Right now I'm using following command:

 

sudo docker run  --rm -v /home/kali/docker-results/:/zap/wrk/:rw -t owasp/zap2docker-weekly zap-api-scan.py -t http://myapidomain/swagger/v1/swagger.json -f openapi -r api-scan-report-$(date +%m-%d-%Y-%H:%M).html >results-qa-$(date +%m-%d-%Y-%H:%M).txt 

Thank you in advance 

Avrinder 

[Simon Bennetts]

Hi Avrinder,

The packaged scans do not support the latest reports which include requests and responses.

You have 2 options:

1. Use a scan hook and call the new reporting add-on api to get one of the new reports

2. Use the Automation Framework

Cheers,

Simon