Last active
September 3, 2017 12:09
-
-
Save thomashartm/95ddad6ff7f5534f54584ba5b27eb14c to your computer and use it in GitHub Desktop.
Set up a local ZAP test environment
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # First start zap locally. | |
| # Starts Zap in daemon mode listening on port 9999 bound to all interfaces with API key disabled | |
| ./zap.sh -daemon -host 0.0.0.0 -port 9999 -addoninstallall -config api.disablekey=true -config api.incerrordetails=true -config api.addrs.addr.name=.* -config api.addrs.addr.regex=true | |
| # Starts Zap UI listening on port 9999 bound to all interfaces with API key disabled | |
| ./zap.sh -host 0.0.0.0 -port 9999 -addoninstallall -config api.disablekey=true -config api.incerrordetails=true -config api.addrs.addr.name=.* -config api.addrs.addr.regex=true | |
| # Starts Zap in daemon mode listening on port 9999 bound to all interfaces with API key disabled and an http sender script enabled | |
| ./zap.sh -daemon -host 0.0.0.0 -port 9999 -addoninstallall -config api.disablekey=true -config api.incerrordetails=true -config script.scripts.name="SenderExample" -config script.scripts.engine="Oracle Nashorn" -config script.scripts.type=httpsender -config script.scripts.enabled=true -config script.scripts.file="scripts/httpsender/sender-example.js" -config api.addrs.addr.name=.* -config api.addrs.addr.regex=true | |
| # Now install python api | |
| # install pip if not available | |
| sudo easy_install pip | |
| # install zap python api | |
| sudo pip install python-owasp-zap-v2.4 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment