Rescan results not changed
25 views
Skip to first unread message
ale
Jun 25, 2024, 6:54:44 AM (8 days ago) Jun 25
to ZAP User Group
I perform a scan with the OWASP ZAP GUI on some APIs with authentication, and a report with alerts is generated.
I need to run this scan periodically using a pipeline. What I do is save the session via GUI and then run it via Docker by importing the session:
docker exec zap curl "http://localhost:8090/JSON/core/action/loadSession/?name=/zap/wrk/zap.session"
After that, I run the scan for each URL.
What happens is that the results of the report shown to me are identical to those generated by the GUI, as if it isn’t performing a real scan but rather showing me the same results.
I need to run this scan periodically using a pipeline. What I do is save the session via GUI and then run it via Docker by importing the session:
docker exec zap curl "http://localhost:8090/JSON/core/action/loadSession/?name=/zap/wrk/zap.session"
After that, I run the scan for each URL.
What happens is that the results of the report shown to me are identical to those generated by the GUI, as if it isn’t performing a real scan but rather showing me the same results.
Simon Bennetts
Jul 1, 2024, 10:05:55 AM (yesterday) Jul 1
to ZAP User Group
This is the expected result.
The ZAP session is an HSQLDB db which contains all of the requests, responses, alerts etc.
If you open a previous session then you will still have all of the old alerts.
Solution - start a new ZAP session rather than openning an old one :D
If that wont work for you then you need to explain what you are trying to do..
cheers,
Simon
Reply all
Reply to author
Forward
0 new messages