Key Terminology
Key terminology with reference to the zap-automation library.
Active Scan
ZAP's active scan is an invasive attack. During the active scan ZAP manipulates requests and attacks the provided testUrl in an attempt to find potential vulnerabilities. An active scan should be run only against services/applications that you own, for the purpose of security testing.
By default the active scan is turned off in the zap-automation library. Teams interested in running an active scan using this library should set activeScan:true in their application.conf.
More information about active scans can be found here.
Context
A ZAP context limits the scope of the test to the domain and technologies provided and excludes any routes that need to be ignored.
The library uses pre-defined parameters in the application.conf to create a ZAP context.
More information about ZAP's Context can be found here.
Passive Scan
A non-invasive scan that checks for security vulnerabilities by analysing the requests and responses that are proxied through ZAP.
The library does not trigger a passive scan explicitly: requests and responses are scanned as they are proxied via ZAP.
More information about passive scans can be found here.
Policy
The ZAP policy defines the rules of an active scan. When executed, the library sets up a policy that contains the scanners to be used during the active scan.
More information about ZAP policies can be found here.
Spider
ZAP uses the spider scan to discover new resources (URLs) on a particular site within a given context by analysing the contents of the pages it holds in its session. While the spider runs, ZAP passively scans every request and response it proxies.
The zap-automation library uses the testUrl provided in the application.conf as the seed for the spider.
More information about spider scans can be found here.
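The following Python script is an added example that ties the five terms above together by driving ZAP's JSON API in the same order the library does: create a context, spider from testUrl (the passive scan runs on the proxied traffic, so it is only waited for, never started), then build a policy and run an active scan only when activeScan is enabled, and finally read the alerts. It is not zap-automation's own code (the library is Scala) and it is not a drop-in for it. Only testUrl and activeScan are config keys taken from this page; contextIncludeRegex, contextExcludeRegexes, activeScannerIds and the context/policy names are assumptions made for the example. The ZAP endpoints used (context, spider, pscan, ascan, core) are ZAP's real API; the FakeZap transport is a constructed stand-in so the flow runs offline.

```python
"""Context -> Spider (passive scan on proxied traffic) -> Policy + Active Scan (opt-in) -> alerts.

Added illustration of the terminology page, not zap-automation's own code. Only `testUrl` and
`activeScan` are config keys the page mentions; the other keys and the names are assumptions.
"""
import json
import time
import urllib.parse
import urllib.request


class ZapApi:
    """Thin client for ZAP's JSON API: GET /JSON/<component>/<action|view>/<name>/?params."""

    def __init__(self, base_url="http://localhost:11000", api_key="", transport=None):
        self.base_url = base_url.rstrip("/")
        self.api_key = api_key
        self.transport = transport or self._http_get  # swap in FakeZap for an offline run
        self.calls = []  # (component, name, params) for every request issued, for inspection

    @staticmethod
    def _http_get(url):
        with urllib.request.urlopen(url, timeout=30) as resp:
            return json.loads(resp.read().decode("utf-8"))

    def call(self, component, kind, name, **params):
        if self.api_key:
            params["apikey"] = self.api_key  # ZAP rejects API calls without it unless the key check is disabled
        url = f"{self.base_url}/JSON/{component}/{kind}/{name}/?{urllib.parse.urlencode(params)}"
        self.calls.append((component, name, dict(params)))
        return self.transport(url)


def wait_until(is_done, poll_interval, max_polls=1800):
    """Poll a ZAP view until it reports completion (ZAP returns status values as strings)."""
    for _ in range(max_polls):
        if is_done():
            return
        time.sleep(poll_interval)
    raise TimeoutError("ZAP did not finish within the polling budget")


def run_scan(zap, config, poll_interval=2.0):
    """Run the full flow and return ZAP's alerts for testUrl."""
    context = "zap-automation-context"  # assumed name
    context_id = zap.call("context", "action", "newContext", contextName=context)["contextId"]
    zap.call("context", "action", "includeInContext", contextName=context, regex=config["contextIncludeRegex"])
    for regex in config.get("contextExcludeRegexes", []):  # routes to be ignored
        zap.call("context", "action", "excludeFromContext", contextName=context, regex=regex)

    # Spider: seeded with testUrl and confined to the context.
    spider_id = zap.call("spider", "action", "scan", url=config["testUrl"], contextName=context, recurse="true")["scan"]
    wait_until(lambda: int(zap.call("spider", "view", "status", scanId=spider_id)["status"]) >= 100, poll_interval)

    # Passive scan: nothing to start; ZAP scanned the spidered traffic as it was proxied.
    # Wait until its queue of unscanned records is empty so the alerts are complete.
    wait_until(lambda: int(zap.call("pscan", "view", "recordsToScan")["recordsToScan"]) == 0, poll_interval)

    if config.get("activeScan", False):  # off unless explicitly enabled, as in the library
        policy = "zap-automation-policy"  # assumed name
        zap.call("ascan", "action", "addScanPolicy", scanPolicyName=policy)
        zap.call("ascan", "action", "disableAllScanners", scanPolicyName=policy)
        zap.call("ascan", "action", "enableScanners", ids=",".join(config["activeScannerIds"]), scanPolicyName=policy)
        ascan_id = zap.call("ascan", "action", "scan", url=config["testUrl"], recurse="true",
                            inScopeOnly="true", scanPolicyName=policy, contextId=context_id)["scan"]
        wait_until(lambda: int(zap.call("ascan", "view", "status", scanId=ascan_id)["status"]) >= 100, poll_interval)

    return zap.call("core", "view", "alerts", baseurl=config["testUrl"])["alerts"]


class FakeZap:
    """Constructed stand-in for a running ZAP: canned JSON per endpoint so the flow runs offline."""

    def __init__(self):
        self.polls = {}

    def __call__(self, url):
        name = urllib.parse.urlparse(url).path.strip("/").split("/")[-1]
        n = self.polls[name] = self.polls.get(name, 0) + 1
        if name == "newContext":
            return {"contextId": "1"}
        if name == "scan":
            return {"scan": "0"}
        if name == "status":  # first poll still running, then complete (shared by spider and ascan)
            return {"status": "50" if n == 1 else "100"}
        if name == "recordsToScan":
            return {"recordsToScan": "3" if n == 1 else "0"}
        if name == "alerts":  # constructed passive-scan finding
            return {"alerts": [{"alert": "X-Content-Type-Options Header Missing", "risk": "Low",
                                "url": "http://localhost:9000/app"}]}
        return {"Result": "OK"}


if __name__ == "__main__":
    cfg = {  # testUrl/activeScan mirror the page; the remaining keys are assumed for this example
        "testUrl": "http://localhost:9000/app",
        "contextIncludeRegex": r"http://localhost:9000/app.*",
        "contextExcludeRegexes": [r"http://localhost:9000/app/ping.*"],
        "activeScan": False,
        "activeScannerIds": ["40012", "40018"],  # ZAP scanner ids: reflected XSS, SQL injection
    }
    zap = ZapApi(transport=FakeZap())  # drop transport= to drive a real ZAP on localhost:11000
    for alert in run_scan(zap, cfg, poll_interval=0):
        print(f"{alert['risk']}: {alert['alert']} at {alert['url']}")
    print("active-scan calls issued:", sum(1 for c, _, _ in zap.calls if c == "ascan"))
```

With activeScan left at false the script never touches the ascan component, so the only findings come from the passive scan of what the spider proxied; flipping it to true adds the policy setup and the invasive scan, which is why the library keeps it opt-in and why it must only point at applications you own.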