Parallelize ZAP
296 views
Skip to first unread message
Roy Inganta Ginting
Feb 20, 2014, 5:14:28 AM2/20/14
to zaprox...@googlegroups.com
Is there way to parallelize ZAP? I mean running multiple ZAP instance to speed up scanning 1 huge site.
I have search this forum with keyword "parallel zap", "cluster zap", and "multiple instances zap" but could not found any solution.
Thank you
Simon Bennetts
Feb 20, 2014, 5:26:12 AM2/20/14
to zaprox...@googlegroups.com
Theres no explicit support in ZAP for this.
In theory you could 'manually' divide a site up into logical sections and set different ZAP instances to scan these sections.
But do have a look at my blog post: How to speed up OWASP ZAP scans :)
Cheers,
Simon
In theory you could 'manually' divide a site up into logical sections and set different ZAP instances to scan these sections.
But do have a look at my blog post: How to speed up OWASP ZAP scans :)
Cheers,
Simon
Roy Inganta Ginting
Feb 20, 2014, 5:45:46 AM2/20/14
to zaprox...@googlegroups.com
Just finished reading your blog. Found a lot of gotchas to speed up the scanning process.
Do you think it is practical to parallelize ZAP by modifying its workflow such as applying work queue?
So multiple ZAP will listen to a queue and the job will be feed to this queue.
Simon Bennetts
Feb 20, 2014, 5:51:26 AM2/20/14
to zaprox...@googlegroups.com
It would certainly be possible, but probably non trivial ;)
Feel free to raise an enhancement request: http://code.google.com/p/zaproxy/issues/list
This actually sounds like a good Google Summer of Code project, but I'm not sure if we can submit any more for this year.
However if any students propose it then they would be very seriously considered!
Cheers,
Simon
Feel free to raise an enhancement request: http://code.google.com/p/zaproxy/issues/list
This actually sounds like a good Google Summer of Code project, but I'm not sure if we can submit any more for this year.
However if any students propose it then they would be very seriously considered!
Cheers,
Simon
Roy Inganta Ginting
Feb 20, 2014, 6:12:27 AM2/20/14
to zaprox...@googlegroups.com
Submitted on https://code.google.com/p/zaproxy/issues/detail?id=1040.
Unfortunately i am not a student.
Best regard,
Roy Inganta Ginting | System Engineer | GDPEmail: roy.i....@gdpventure.com
mobile: +62 85 763 672 684
Jl Aipda K.S. Tubun 2C / 8 Jakarta 11410, Indonesia
--
You received this message because you are subscribed to a topic in the Google Groups "OWASP ZAP User Group" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/zaproxy-users/t04msvdpT_U/unsubscribe.
To unsubscribe from this group and all its topics, send an email to zaproxy-user...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
Simon Bennetts
Feb 20, 2014, 6:33:05 AM2/20/14
to zaprox...@googlegroups.com
Thanks.
btw this is in no means restricted to students, so anyone can take this on :)
But I suspect it will take quite a bit of work.
Cheers,
Simon
btw this is in no means restricted to students, so anyone can take this on :)
But I suspect it will take quite a bit of work.
Cheers,
Simon
Roy Inganta Ginting
Feb 20, 2014, 6:39:43 AM2/20/14
to zaprox...@googlegroups.com
I think i can help, but i don't know where to start.
I have knowledge how to write code on java, but no mean of expert.
Best regard,
Roy Inganta Ginting | System Engineer | GDPEmail: roy.i....@gdpventure.com
mobile: +62 85 763 672 684
Jl Aipda K.S. Tubun 2C / 8 Jakarta 11410, Indonesia
Simon Bennetts
Feb 24, 2014, 7:33:31 AM2/24/14
to zaprox...@googlegroups.com
Well, its definitely a non trivial project.
If you are interested then I'd recommend starting with a smaller development just to get used to the ZAP codebase.
We've got a load of suggestions on the wiki: http://code.google.com/p/zaproxy/wiki/Projects
And feel free to ask if you have any questions - the developer group is probably best for that.
Cheers,
Simon
If you are interested then I'd recommend starting with a smaller development just to get used to the ZAP codebase.
We've got a load of suggestions on the wiki: http://code.google.com/p/zaproxy/wiki/Projects
And feel free to ask if you have any questions - the developer group is probably best for that.
Cheers,
Simon
Reply all
Reply to author
Forward
0 new messages