Integrating zap into jenkins using code/groovy
771 views
Skip to first unread message
veronic...@owasp.org
Feb 20, 2019, 11:13:51 AM2/20/19
to OWASP ZAP User Group
Hi All
I am able to use the OWASP ZAP plugin in Jenkins to add security tests to Jenkins however I want to be able to add zap as code to the Jenkins orchestration so that it will automatically run. I haven't been able to find the result yet. I usually use the snippet generator to generate the groovy code for me but I don't see this option for ZAP. If anyone has any information/documentation, that would be greatly appreciated.
RAJENDRA PRASAD
Feb 20, 2019, 11:15:26 AM2/20/19
to zaprox...@googlegroups.com
Even I am interested in this solution, can anybody help us...
Thanks,
Rajendra
--
You received this message because you are subscribed to the Google Groups "OWASP ZAP User Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to zaproxy-user...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/zaproxy-users/70f8aa6c-7bbe-47ce-bde1-a4398df4c558%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
thc...@gmail.com
Feb 20, 2019, 11:25:23 AM2/20/19
to zaprox...@googlegroups.com
Hi.
I think you'll have to use the following plugin:
https://plugins.jenkins.io/zap-pipeline
Best regards.
I think you'll have to use the following plugin:
https://plugins.jenkins.io/zap-pipeline
Best regards.
Message has been deleted
Message has been deleted
veronic...@owasp.org
Feb 21, 2019, 10:33:26 AM2/21/19
to OWASP ZAP User Group
Hi
thank you. So the sessionPath:"/somewhere/session.session", does this need to be a pre-recorded session/authentication?
I'm trying to figure out if I run a crawl, how the results of that crawl will feed into a passive scan? or maybe I just run a passive scan without a crawl?
kingthorin+owaspzap
Feb 21, 2019, 11:07:59 AM2/21/19
to OWASP ZAP User Group
Passive scanning occurs on all proxied or spidered traffic.
veronic...@owasp.org
Feb 21, 2019, 11:52:18 AM2/21/19
to OWASP ZAP User Group
Ok cool, thank you.
Praveen Reddy
Jun 30, 2020, 12:30:21 AM6/30/20
to OWASP ZAP User Group
Hi,
where you able to trigger the build with zap-pipelines? I am getting error
java.lang.Throwable: zap: Failed to start ZAP process
Thankd,
Praveen
Eric W
Jul 14, 2020, 8:10:12 PM7/14/20
to OWASP ZAP User Group
Hi,
I hope that this blog post might help you in integrating zap in jenkins pipeline using pipeline scripting (code/groovy)
https://augment1security.com/cicd/cicd-with-owasp-zap-docker-and-pipeline-scripting-part-1/
https://augment1security.com/cicd/cicd-with-owasp-zap-docker-and-pipeline-scripting-part-2/
https://augment1security.com/cicd/cicd-with-owasp-zap-docker-and-pipeline-scripting-part-1/
https://augment1security.com/cicd/cicd-with-owasp-zap-docker-and-pipeline-scripting-part-2/
Best
Regards,
Eric W.
https://augment1security.com
Twitter: @aug1sec
Eric W.
https://augment1security.com
Twitter: @aug1sec
Reply all
Reply to author
Forward
0 new messages