logo ZAP Maven Plugin

OWASP Zed Attack Proxy (ZAP) Maven plugin

homepage: github.com/pdsoftplan/zap-maven-plugin
fresh index:
last release: 2 years ago, first release: 3 years ago
packaging: maven-plugin
get this artifact from: central
see this artifact on: search.maven.org




This chart shows how much is this artifact used as a dependency in other Maven artifacts in Central repository and GitHub:


select version:

Add this snippet into pom.xml inside tag <project><build><plugins>:




Switch to artifact.
goals:
zap:analyze

Goal to execute a full analysis with ZAP. It will run the default Spider, and optionally the AJAX Spider, proceed with the Active Scan and generate the reports.

zap:seleniumAnalyze

Run ZAP's Active Scan and generates the reports. No Spider is executed. This scan assumes that integration tests ran using ZAP as a proxy, so the Active Scan is able to use the navigation done during the tests for the scan. Normally this goal will be executed in the phase post-integration-test, while the goal {@code startZap} will run in the phase pre-integration-test, to make sure ZAP is running during the tests.

zap:startZap

Starts ZAP. Normally this goal will be used along with the {@code seleniumAnalyze} goal. The usual configuration is to use {@code startZap} in the pre-integration-test, to make sure ZAP is running during the tests. If the tests are correctly configured, they will use ZAP's proxy to run the tests. The goal {@code seleniumAnalyze} can then be configured to run in the phase post-integration-test to run a ZAP analysis without a Spider (using the navigation done by the tests).


© Jiri Pinkas 2015 - 2018. All rights reserved. Admin login To submit bugs / feature requests please use this github page
related: JavaVids | Top Java Blogs | Java školení | 4npm - npm search | monitored using: sitemonitoring
Apache and Apache Maven are trademarks of the Apache Software Foundation. The Central Repository is a service mark of Sonatype, Inc.