---
env:
contexts:
- name: "FullScan"
urls: []
parameters:
failOnError: false
jobs:
- parameters:
enableTags: false
disableAllRules: false
type: "passiveScan-config"
- parameters:
url: ""
type: "spider"
- parameters:
maxDuration: 5
url: ""
type: "spiderAjax"
tests:
- parameters:
maxDuration: 0
type: "passiveScan-wait"
- parameters:
context: ""
user: ""
policy: "Default Policy"
maxRuleDurationInMins: 1
maxScanDurationInMins: 5
maxAlertsPerRule: 15
type: "activeScan"
- parameters:
format: Short
summaryFile: /home/zap/zap_out.json
rules: []
type: outputSummary
- parameters:
template: "traditional-html"
reportDir: "/zap/wrk/scan_report"
reportFile: default_name
reportTitle: "ZAP Scanning Report"
reportDescription: ""
type: "report"
- parameters:
template: "traditional-json"
reportDir: "/zap/wrk/scan_report"
reportFile: default_name
reportTitle: "ZAP Scanning Report"
reportDescription: ""
type: "report"
Below command used to execute ZAP AF run:
$custom_traceparent = "-config api.disablekey=true -config api.addrs.addr.name=.* -config api.addrs.addr.regex=true -config replacer.full_list(0).description=markHeader -config replacer.full_list(0).enabled=true -config replacer.full_list(0).matchtype=REQ_HEADER -config replacer.full_list(0).matchstr=traceparent -config replacer.full_list(0).regex=false -config replacer.full_list(0).replacement=$traceparent -config replacer.full_list(1).description=markHeader1 -config replacer.full_list(1).enabled=true -config replacer.full_list(1).matchtype=REQ_HEADER -config replacer.full_list(1).matchstr=tracestate -config replacer.full_list(1).regex=false -config replacer.full_list(1).replacement=$tracestate" docker run -v ${outputFilePath}:/zap/wrk/:rw -t zaproxy/zap-stable zap.sh -cmd -autorun /zap/wrk/$cmd -dir /zap/wrk/ $custom_traceparent -addonupdate -addoninstall pscanrulesBeta