@continuous-security/scanner-zed-attack-proxy
v1.8.1
Run ZAP against your application.
Zed Attack Proxy
Usage
Use this security scanner with the continuous-security application.
Configuration
This scanner requires a target URL to scan and can be configured as follows:
.continuous-security.yml

    scanners:
      - name: "@continuous-security/scanner-zed-attack-proxy"
        with:
          target: http://example.com

To target a service you have started locally, you can use the target http://host.docker.internal to connect.
For example, if you are testing this example Express.js application:

    const express = require('express');
    const app = express();
    const port = 3000;

    app.get('/', (req, res) => {
      res.send('Hello World!');
    });

    app.listen(port, () => {
      console.log(`Example app listening on port ${port}`);
    });

Use this configuration:

    scanners:
      - name: "@continuous-security/scanner-zed-attack-proxy"
        with:
          target: http://172.17.0.1:3000

And run the following commands:

    node app.js & continuous-security scan
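
The command above starts the scan without waiting for the app to listen and leaves the app running afterwards. The following wrapper is an added example, not part of this package: it starts the app, waits for its port, runs the scan, then stops the app. The file name scan-local.js and the helpers waitForPort, run and scanLocalApp are hypothetical; it assumes the continuous-security CLI is on PATH and that the app listens on all interfaces, as the Express example does.

```javascript
const net = require('net');
const { spawn } = require('child_process');

// Resolve true once a TCP connection to host:port succeeds, false on timeout.
function waitForPort(port, host = '127.0.0.1', timeoutMs = 15000, intervalMs = 250) {
  const deadline = Date.now() + timeoutMs;
  return new Promise((resolve) => {
    const attempt = () => {
      const socket = net.connect({ port, host });
      socket.setTimeout(1000, () => socket.destroy(new Error('timeout')));
      socket.once('connect', () => { socket.destroy(); resolve(true); });
      socket.once('error', () => {
        if (Date.now() >= deadline) return resolve(false);
        setTimeout(attempt, intervalMs);
      });
    };
    attempt();
  });
}

// Run a command with inherited stdio and resolve with its exit code.
function run(cmd, args) {
  return new Promise((resolve) => {
    const child = spawn(cmd, args, { stdio: 'inherit' });
    child.once('error', () => resolve(127)); // e.g. command not found
    child.once('exit', (code) => resolve(code ?? 1));
  });
}

// Start the app, scan only once it is reachable, always stop the app.
async function scanLocalApp(appFile, port) {
  const app = spawn(process.execPath, [appFile], { stdio: 'inherit' });
  try {
    if (!(await waitForPort(port))) {
      console.error(`app did not open port ${port}; scan skipped`);
      return 1;
    }
    return await run('continuous-security', ['scan']);
  } finally {
    app.kill(); // do not leave the test app listening after the scan
  }
}

// Usage: node scan-local.js app.js 3000
if (process.argv.length >= 4) {
  scanLocalApp(process.argv[2], Number(process.argv[3]))
    .then((code) => { process.exitCode = code; });
}
```

The wrapper exits with the scan's exit code, so a CI job can fail on it.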