Per Scan Reports

Smit Thakkar

unread,

Jun 29, 2022, 8:05:22 AMJun 29

to OWASP ZAP User Group

Hi Team,

I have a use-case where I want to extract the scan level details for a site.

For e.g.
Iteration | URL | no.of alerts |

1| test.com | 12 |

2| test.com | 15 |

3| test.com | 10 |

I want to get the complete information for a particular scan like date, id , number of alerts etc. , so that I can understand the trends and improve.

I already checked the alert API but there is no luck.

I imagine to use the same setup for multiple sites in future, so it would be great if I can get iteration level data.

I've tried the docker route too, however its a pain to spin and generate a report for every iteration.

Smit Thakkar

unread,

Aug 7, 2022, 11:15:08 AM (yesterday) Aug 7

to OWASP ZAP User Group

Hi Team,

Can anyone please help here or share any insights/solutions for this.

Thanks,

Smit

Simon Bennetts

unread,

Aug 8, 2022, 3:24:52 AM (yesterday) Aug 8

to OWASP ZAP User Group

Hi Smit,

Its worth noting that ZAP has no real concept of "scan history" so realistically you will need to launch ZAP (or start a new session) each time you want to scan your site.

All the raw information should be available via the API, but it might not be in the exact format you want.

An alternative it to write a new report: https://www.zaproxy.org/docs/desktop/addons/report-generation/create/

If you want to know which APIs to use then let us know exactly what you want - in your example "no. of alerts" could be either the number of types of alerts or the number of instances of alerts.