OWASP ZAP Integration
xer0dayz edited this page 2022-01-14 17:23:18 -07:00

Requirements

OWASP ZAP integration requires the following Python module:

pip3 install python-owasp-zap-v2.4

Setup

To set up OWASP ZAP integration, ZAP must be running on the same host as Sn1per, with its HTTP/HTTPS proxy listening on port 8081/tcp.

In addition, you will need to enable the ZAP API service and disable the API key.

The last step is to update your /root/.sniper.conf file and enable the following setting:

ZAP_SCAN="1"
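
A pre-flight check for the setup above, added here as an example and not part of Sn1per or ZAP: it confirms ZAP_SCAN is enabled, that the API answers on port 8081 without a key, and that no listener on that port is bound to a non-loopback address (with the API key disabled, any host that can reach the port can drive ZAP). The function names are hypothetical; it assumes a little-endian Linux host and uses ZAP's /JSON/core/view/version/ API view.

```python
import glob, ipaddress, json, re, struct, urllib.request

ZAP_PORT = 8081  # proxy/API port given on the page

def zap_scan_enabled(conf_text):
    """True if the last uncommented ZAP_SCAN assignment in the config is 1."""
    value = None
    for line in conf_text.splitlines():
        m = re.match(r'\s*ZAP_SCAN=["\']?([^"\'\s#]*)', line)
        if m:
            value = m.group(1)
    return value == "1"

def listeners(proc_net_text, port=ZAP_PORT):
    """Addresses in LISTEN state on port, parsed from /proc/net/tcp or tcp6 text."""
    found = []
    for line in proc_net_text.splitlines():
        f = line.split()
        if len(f) < 4 or f[3] != "0A":          # 0A = LISTEN; also skips header rows
            continue
        addr_hex, port_hex = f[1].split(":")
        if int(port_hex, 16) != port:
            continue
        # Each 32-bit word is printed in host byte order; little-endian assumed.
        words = [int(addr_hex[i:i + 8], 16) for i in range(0, len(addr_hex), 8)]
        found.append(ipaddress.ip_address(struct.pack("<%dI" % len(words), *words)))
    return found

def exposed(addrs):
    """Listeners that are not loopback, i.e. reachable from other hosts."""
    out = []
    for a in addrs:
        mapped = getattr(a, "ipv4_mapped", None)  # ::ffff:a.b.c.d form
        if not (a if mapped is None else mapped).is_loopback:
            out.append(a)
    return out

def zap_api_version(base="http://127.0.0.1:%d" % ZAP_PORT, timeout=3):
    """ZAP version if the API answers without a key, else None."""
    opener = urllib.request.build_opener(urllib.request.ProxyHandler({}))  # no env proxy
    try:
        with opener.open(base + "/JSON/core/view/version/", timeout=timeout) as r:
            return json.load(r).get("version")
    except (OSError, ValueError, AttributeError):
        return None

if __name__ == "__main__":
    net = "".join(open(p).read() for p in glob.glob("/proc/net/tcp*"))
    print("ZAP_SCAN on:", zap_scan_enabled(open("/root/.sniper.conf").read()))
    print("API version:", zap_api_version(), "| exposed:", exposed(listeners(net)))
```

An empty "exposed" list together with a version string means ZAP is reachable from Sn1per and only from the local host.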

Scanning

You can then run the webscan mode (e.g. sniper -t 127.0.0.1 -m webscan -w 127.0.0.1). After the scan completes, all HTML reports are saved to /usr/share/sniper/loot/workspace/WORKSPACE_ALIAS_HERE/web/zap-report-$TARGET-$DATE.html.