OWASP ZAP Integration

xer0dayz edited this page Jun 11, 2020 · 3 revisions

To set up OWASP ZAP integration, ZAP must be running on the same host as Sn1per, with its HTTP/HTTPS proxy listening on port 8081/tcp.

In addition, you will need to enable the ZAP API service and disable the API key.

The last step is to update your /root/.sniper.conf file and enable the following setting:

ZAP_SCAN="1"

Afterwards, you can run the 'webscan' mode (e.g. sniper -t 127.0.0.1 -m webscan -w 127.0.0.1). When the scan completes, all HTML reports are saved to /usr/share/sniper/loot/workspace//web/zap-report-$TARGET-$DATE.html.
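
A preflight for the steps above, as an added example (not part of the Sn1per wiki or code base): it checks that ZAP answers API requests without a key on 127.0.0.1:8081 and sets ZAP_SCAN="1" in the config file. The function names are hypothetical; the zap.sh options in the comment and the /JSON/core/view/version/ endpoint are ZAP's own and are assumed to match your installed ZAP version.

```bash
#!/usr/bin/env bash
# Added example: preflight for the Sn1per + ZAP steps above (hypothetical helper names).
# ZAP can be started to match those steps with its own command-line options:
#   zap.sh -daemon -host 127.0.0.1 -port 8081 -config api.disablekey=true
ZAP_HOST="${ZAP_HOST:-127.0.0.1}"   # API key is disabled, so stay on loopback
ZAP_PORT="${ZAP_PORT:-8081}"        # port the page expects the proxy on

# True only for loopback listen addresses.
is_loopback() {
  case "$1" in 127.*|localhost|::1) return 0 ;; *) return 1 ;; esac
}

# Succeeds only if a request WITHOUT an API key returns ZAP's version JSON.
zap_api_ready() {
  curl -fsS --noproxy '*' --max-time 5 \
    "http://${1:-$ZAP_HOST}:${2:-$ZAP_PORT}/JSON/core/view/version/" \
    | grep -q '"version"'
}

# Set ZAP_SCAN="1" in the given config, replacing an existing value or
# appending one; the previous file is kept as <conf>.bak.
enable_zap_scan() {
  conf="$1"
  [ -f "$conf" ] || { echo "missing config: $conf" >&2; return 1; }
  cp -p "$conf" "$conf.bak"
  if grep -q '^ZAP_SCAN=' "$conf"; then
    sed 's/^ZAP_SCAN=.*/ZAP_SCAN="1"/' "$conf.bak" > "$conf"
  else
    printf 'ZAP_SCAN="1"\n' >> "$conf"
  fi
  grep -qx 'ZAP_SCAN="1"' "$conf"
}

# Run all checks, then print the webscan command from the page.
preflight() {
  is_loopback "$ZAP_HOST" || { echo "ZAP_HOST must be loopback" >&2; return 1; }
  zap_api_ready || { echo "no keyless ZAP API on $ZAP_HOST:$ZAP_PORT" >&2; return 1; }
  enable_zap_scan "${1:-/root/.sniper.conf}" || return 1
  echo "ready: sniper -t 127.0.0.1 -m webscan -w 127.0.0.1"
}

# Only act when executed with an argument, e.g.: ./zap-preflight.sh /root/.sniper.conf
if [ "$#" -gt 0 ]; then preflight "$1"; fi
```

If the API check fails while ZAP is running, the API service is either disabled or still enforcing a key.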