Hey everyone,
I'm currently exploring the Automation Framework and during my testing, I'm receiving multiple results from ZAP Spider, which leads to my confusion and I want to clarify how ZAP Spider works. I have a self-hosted DVWA running on Docker which is the target of these tests.
I am using ZAP 2.15.0 with default add-ons up to date.
Scenario 1
This is the first time opening ZAP. I click on the Firefox icon to open the ZAP browser and manually explore the app by visiting all URLs and clicking on menu items. Afterwards, I created an Automation Framework Plan and ran it, which resulted in 85 URLs crawled and 15 alerts.
Scenario 2
After running Scenario 1, we create a new session with the same Automation Framework Plan and run it. This time, ZAP Spider only crawled 5 URLs and only found 9 alerts.
Scenario 3
At this point, I'm not sure what's happening, so I decided to use Docker ZAP to run a scan using the same Automation Framework Plan as previous scenarios. This time, ZAP Spider crawled 14,589 URLs and found 20 alerts.
Note: The "http://172.22.0.3" is just DVWA's internal Docker IP and I have to change my configuration to that when running ZAP Docker.
Please see attachment for my ZAP Context and Automation Framework Plan.
Looking forward to your response. Thanks!