logo ZAP Maven Plugin

OWASP Zed Attack Proxy (ZAP) Maven plugin

homepage: github.com/pdsoftplan/zap-maven-plugin
fresh index:
last release: 3 years ago, first release: 3 years ago
packaging: maven-plugin
get this artifact from: central
see this artifact on: search.maven.org

This chart shows how much is this artifact used as a dependency in other Maven artifacts in Central repository and GitHub:

select version:

Add this snippet into pom.xml inside tag <project><build><plugins>:

Switch to artifact.

Goal to execute a full analysis with ZAP. It will run the default Spider, and optionally the AJAX Spider, proceed with the Active Scan and generate the reports.


Run ZAP's Active Scan and generates the reports. No Spider is executed. This scan assumes that integration tests ran using ZAP as a proxy, so the Active Scan is able to use the navigation done during the tests for the scan. Normally this goal will be executed in the phase post-integration-test, while the goal {@code startZap} will run in the phase pre-integration-test, to make sure ZAP is running during the tests.


Starts ZAP. Normally this goal will be used along with the {@code seleniumAnalyze} goal. The usual configuration is to use {@code startZap} in the pre-integration-test, to make sure ZAP is running during the tests. If the tests are correctly configured, they will use ZAP's proxy to run the tests. The goal {@code seleniumAnalyze} can then be configured to run in the phase post-integration-test to run a ZAP analysis without a Spider (using the navigation done by the tests).

© Jiri Pinkas 2015 - 2019. All rights reserved. Admin login To submit bugs / feature requests please use this github page
related: JavaVids | Top Java Blogs | Java školení | 4npm - npm search | monitored using: sitemonitoring
Apache and Apache Maven are trademarks of the Apache Software Foundation. The Central Repository is a service mark of Sonatype, Inc.