如何将zap会话文件传递给dockerized zap扫描仪? [英] How to pass zap session files to dockerized zap scanner?
本文介绍了如何将zap会话文件传递给dockerized zap扫描仪?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
在执行扫描之前,如何正确地将会话文件(.session .session.data .session.properties .session.script和上下文)传递给以下命令?
How to properly pass session files (.session .session.data .session.properties .session.script and context) to the following command before the scan is executed?
docker run -rm -v $(pwd):/zap/wrk/:rw -t owasp/zap2docker-stable zap-baseline.py \
-t https://www.example.com -r testreport.html
推荐答案
使用 core/action/loadSession/
API端点.像这样:
Use the core/action/loadSession/
API endpoint. Something like this:
from zapv2 import ZAPv2 as zap
import time
apikey = 'apikey12345' #Change this to match your setup
z = zap(apikey=apikey, proxies={'http': 'http://127.0.0.1:9999', 'https': 'http://127.0.0.1:9999'})
time.sleep(5)
print 'start..'
z.core.load_session('/root/Download/zaptmp/test.session') #Obviously this needs to be your session path
sites = z.core.sites
# Check that the session loaded... I'm printing, you could check count not zero, whatever
print 'Listing sites in loaded session:'
for site in sites:
print site
这篇关于如何将zap会话文件传递给dockerized zap扫描仪?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文