exetr / zap-cicd-integration Goto Github PK
View Code? Open in Web Editor NEWA python script which is designed to integrate vulnerability assessment capabilities using OWASP Zed Attack Proxy (ZAP) into CI/CD platforms and pipelines
A python script which is designed to integrate vulnerability assessment capabilities using OWASP Zed Attack Proxy (ZAP) into CI/CD platforms and pipelines
The error occurred when I try to run the spider. Not sure if the script is outdated or am I missing something...
python3 Zaper.py -t https://Site.com -r zap-results.html
279631 [ZAP-ProxyThread-16] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - dataFileCache commit start
279664 [ZAP-ProxyThread-16] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - dataFileCache commit end
279684 [ZAP-ProxyThread-16] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Database closed
279858 [ZAP-ProxyThread-16] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - dataFileCache open start
279866 [ZAP-ProxyThread-16] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - dataFileCache open end
279943 [ZAP-ProxyThread-16] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - dataFileCache commit start
279953 [ZAP-ProxyThread-16] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - dataFileCache commit end
279973 [ZAP-ProxyThread-16] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - Database closed
280111 [ZAP-ProxyThread-16] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - dataFileCache open start
280112 [ZAP-ProxyThread-16] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - dataFileCache open end
280196 [ZAP-ProxyThread-16] INFO org.parosproxy.paros.control.Control - New session file created: /home/ubuntu/.ZAP/session/20200325_113245.session
[+] ZAP Session 20200325_113245 started
[+] OWASP Zed Attack Proxy v2.9.0
[*] Opening target: https://Site.com
[*] Spidering target: https://Site.com
282639 [ZAP-SpiderInitThread-0] INFO org.zaproxy.zap.extension.spider.SpiderThread - Starting spidering scan on https://Site.com at Wed Mar 25 11:32:48 UTC 2020
282639 [ZAP-SpiderInitThread-0] INFO org.zaproxy.zap.spider.Spider - Spider initializing...
282640 [ZAP-SpiderInitThread-0] INFO org.zaproxy.zap.spider.Spider - Starting spider...
282795 [ZAP-SpiderThreadPool-0-thread-1] INFO org.zaproxy.zap.spider.Spider - Spidering process is complete. Shutting down...
282797 [ZAP-SpiderShutdownThread-0] INFO org.zaproxy.zap.extension.spider.SpiderThread - Spider scanning complete: true
[+] Spider scan completed
284653 [ZAP-ProxyThread-23] INFO net.sf.json.xml.XMLSerializer - Using default type string
==================== OWASP ZAP Spider Scan Summary ====================
Traceback (most recent call last):
File "Zaper.py", line 183, in <module>
main(args)
File "Zaper.py", line 69, in main
CLIoutput(json.loads(zap.core.jsonreport()))
File "Zaper.py", line 105, in CLIoutput
for x in results['site']['alerts']:
TypeError: list indices must be integers or slices, not str
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.