Packaged_scan on ZAP

Baseline Scan Changes

Tue, 15 Jun 2021 00:00:00 +0000

Important information for anyone who uses the baseline scan in the Live or Weekly Docker images.

ZAP - API Scan

Mon, 01 Jan 0001 00:00:00 +0000

The ZAP API scan is a script that is available in the ZAP Docker images.

It is tuned for performing scans against APIs defined by OpenAPI, SOAP, or GraphQL via either a local file or a URL.

It imports the definition that you specify and then runs an Active Scan against the URLs found. The Active Scan is tuned to APIs, so it doesn’t bother looking for things like XSSs.

ZAP - Baseline Scan

Mon, 01 Jan 0001 00:00:00 +0000

The ZAP Baseline scan is a script that is available in the ZAP Docker images.

It runs the ZAP spider against the specified target for (by default) 1 minute and then waits for the passive scanning to complete before reporting the results.

This means that the script doesn’t perform any actual ‘attacks’ and will run for a relatively short period of time (a few minutes at most).

ZAP - Full Scan

Mon, 01 Jan 0001 00:00:00 +0000

The ZAP full scan is a script that is available in the ZAP Docker images.

It runs the ZAP spider against the specified target (by default with no time limit) followed by an optional ajax spider scan and then a full active scan before reporting the results.

This means that the script does perform actual ‘attacks’ and can potentially run for a long period of time.

ZAP - Scan Hooks

Mon, 01 Jan 0001 00:00:00 +0000

Scan Hooks

To make it easy to make little tweaks here and there a hook system is in place to help you. It enables you to override or modify behaviour of the script components instead of having to write a new script.

Use Cases

Modifying Args
For the AJAX crawler you may want to target a suburl with a specific hash (http://example.com vs http://example.com/#/dashboard). You can use the zap_ajax_spider hook to intercept the arguments and modify them.