Zed Attack Proxy 2.0.0
App Vendor: OWASP ZAP
App Category: Vulnerability Management
Connector version: 2.0.0
API Version: 2.10.0
About App
This connector allows the analyst to connect to OWASP ZAP API and start a spider, do scans and provide results.
The OWASP ZAP connector is configured with the Orchestrate application to perform the following actions:
Action Name | Description |
|---|---|
Run Spider Scan | This action runs a spider scan against the given URL. |
View Spider Scan Status | This action retrieves a spider scan status. |
View Spider Scan Results | This action retrieves the results of a spider scan. |
Set Spider Max Childen Nodes | This action sets a maximum limit for the number of children scanned. The value 0 denotes no limit. |
Get Spider Max Childen Nodes | This action retrieves the maximum number of children nodes that can be crawled. The value 0 denotes no limit. |
Set Spider Max Scan Depth | This action sets a maximum depth for the spider scan crawl. The value 0 denotes no limit. |
Get Spider Scan Max Depth | This action retrieves the maximum depth limit the spider scan can crawl. The value 0 denotes no limit. |
Set Spider Max Scan Duration | This action sets the maximum duration for the spider scan. The value 0 denotes no limit. |
Get Spider Max Scan Duration | This action retrieves the maximum duration of the spider scan. The value 0 denotes no limit. |
Set Spider Max Parse Size | This action sets the limit for the amount of data parsed by the spider scan. This allows the spider scan to skip the big responses/files. |
Get Spider Max Scan Parse Size | This action retrieves the amount of data to be parsed by the spider. |
Enable All Passive Scanners | This action enables all the passive scanners. |
Enable Specific Passive Scanners | This action enables specific passive scanners with the provided IDs. |
View Active Scan Status | This action retrieves the status of active scans. |
View Active Scan Progress | This action retrieves the progress details of an active scan. |
View Active Scans | This action retrieves the status of all active scans. |
View Active Scan Policies | This action retrieves the policies for active scans. |
View Active Scan Option to Handle Anti CSRF Token | This action retrieves the active scan option details to handle the anti-CSRF token. |
View Active Scan Header All Requests | This action retrieves suggestions to scan HTTP headers of all requests. |
Run Active Scan | This action runs the active scanner against the given URL and context. |
View Alert | This action retrieves the details of an alert with the given ID. |
View All Alerts | This action retrieves all alerts raised by ZAP. |
View Alerts Summary | This action retrieves a summary of all alerts. |
View Alerts By Risk | This action retrieves alerts based on alert risk. |
Configuration Parameters
The following configuration parameters are required for the OWASP ZAP app to communicate with the OWASP ZAP enterprise application. The parameters can be configured by creating instances in the app.
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Base URL | Enter the host URL for your ZAP application API endpoint. Example: "https://172.1.31.256:8080" | Text | Required | |
Target URL | Enter the API endpoint URL to connect and authenticate the OWASP ZAP application. Example: "https://www.example.com" | Text | Required | |
API Key | Enter the API key for authentication. | Password | Required |
Action: Run Spider Scan
This action runs a spider scan against the given URL.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Maximum number of children nodes | Enter the maximum number of children nodes to use for the scan. Example: 2 | Integer | Optional | Default value: None |
Seed recursively | Enter your preference for seeding the URL recursively. Example: Yes/No | Boolean | Optional | Allowed values:
Default value: No |
Context name | Enter your preference to restrict your scan to a context. Example: Yes/No | Boolean | Optional | Allowed values:
Default value: No |
Sub tree only | Enter your preference to restrict the spider scan under a site`s sub-tree. Example: Yes/No | Boolean | Optional | Allowed values:
Default value: No |
Example Request
[
{
"max_children": 2,
"recurse": True,
"context_name": True,
"sub_tree_only": True
}
]Action: View Spider Scan Status
This action retrieves a spider scan status.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Scan ID | Enter the scan ID to retrieve the status. Example: 3424 | Integer | Optional |
Example Request
[
{
` "scan_id": 3424
}
]Action: View Spider Scan Results
This action retrieves the results of a spider scan.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Scan ID | Enter the scan ID. Example: 2312 | Integer | Optional |
Example Request
[
{
"scan_id": 2312
}
]Action: Set Spider Max Childen Nodes
This action sets a maximum limit for the number of children scanned. The value 0 denotes no limit.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Nodes | Enter the number of child nodes to be used for the children's scan. Example: 4 | Integer | Optional |
Example Request
[
{
"nodes": 4
}
]Action: Get Spider Max Childen Nodes
This action retrieves the maximum number of children nodes that can be crawled. The value 0 denotes no limit.
Action Input Parameters
This action does not require any input parameter.
Action: Set Spider Max Scan Depth
This action sets a maximum depth for the spider scan crawl. The value 0 denotes no limit.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Depth | Enter the maximum depth limit of the spider scan crawl. Example: 3 | Integer | Optional |
Example Request
[
{
"depth": 3
}
]Action: Get Spider Scan Max Depth
This action retrieves the maximum depth limit the spider scan can crawl. The value 0 denotes no limit.
Action Input Parameters
This action does not require any input parameter.
Action: Set Spider Max Scan Duration
This action sets the maximum duration for the spider scan. The value 0 denotes no limit.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Duration in minutes | Enter the maximum duration for the spider scan to run. Example: 4 | Integer | Optional |
Example Request
[
{
"duration": 4
}
]Action: Get Spider Max Scan Duration
This action retrieves the maximum duration of the spider scan. The value 0 denotes no limit.
Action Input Parameters
This action does not require any input parameter.
Action: Set Spider Max Parse Size
This action sets the limit for the amount of data parsed by the spider scan. This allows the spider scan to skip the big responses/files.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Size in bytes | Enter the maximum data to be parsed in bytes. Example: 1000000 | Integer | Optional | Enter the value as 1000000 bytes for 1 MB. |
Example Request
[
{
"size": 1000000
}
]Action: Get Spider Max Scan Parse Size
This action retrieves the amount of data to be parsed by the spider.
Action Input Parameters
This action does not require any input parameter.
Action: Enable All Passive Scanners
This action enables all the passive scanners.
Action Input Parameters
This action does not require any input parameter.
Action: Enable Specific Passive Scanners
This action enables specific passive scanners with the provided IDs.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Passive scanner IDs | Enter the passive scan ID you want to enable. Enter multiple scan IDs as a comma-separated list. Example: 2356 | Integer | Required |
Example Request
[
{
"ids": 2356
}
]Action: View Active Scan Status
This action retrieves the status of active scans.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Scan IDs | Enter the active scan IDs to retrieve the status. Enter multiple scan IDs as comma-separated list. Example: 3497 | Integer | Optional |
Example Request
[
{
"scan_id": "3497"
}
]Action: View Active Scan Progress
This action retrieves the progress details of an active scan.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Scan IDs | Enter the scan ID to retrieve the progress details. Enter multiple scan IDs as a comma-separated list. Example: 56 | Integer | Optional |
Example Request
[
{
"scan_id": 56
}
]Action: View Active Scans
This action retrieves the status of all active scans.
Action Input Parameters
This action does not require any input parameter.
Action: View Active Scan Policies
This action retrieves the policies for active scans.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Scan policy name | Enter the name of the scan policy, which defaults to none. Example: "exception_policy_for_internal_pages" | Text | Optional | |
Policy ID | Enter the policy ID to retrieve details. Example: 73 | Integer | Optional |
Example Request
[
{
"scan_policy_name": "exception_policy_for_internal_pages",
"policy_id": 73
}
]Action: View Active Scan Option to Handle Anti CSRF Token
This action retrieves the active scan option details to handle the anti-CSRF token.
Action Input Parameters
This action does not require any input parameter.
Action: View Active Scan Header All Requests
This action retrieves suggestions to scan HTTP headers of all requests.
Action Input Parameters
This action does not require any input parameter.
Action: Run Active Scan
This action runs the active scanner against the given URL and context.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Recurse | Enter the URL to run the active scan. Example: Yes/No | Boolean | Optional | Allowed values:
Default value: No |
In scope only | Enter the constrain to scan the URLs that are in the scope. Example: Yes/No | Boolean | Optional | Allowed values:
Default value: No |
Scan policy name | Enter the policy name to run the active scan. Example: "exlusion_policy" | Text | Optional | |
Method | Enter the parameter to allow selecting a given request in conjunction with the given URL. Example: "GET" | Text | Optional | Default value: None |
Post data | Enter the parameter that allows selecting a given request in conjunction with the given URL. Example: "X-Force- Parameters" | Text | Optional | Default value: None |
Context ID | Enter the context ID to run the active scan. Contexts are a way of relating a set of URLs together. Example: 24 | Integer | Optional | Default value: None |
Example Request
[
{
"recurse": True,
"in_scope_only": True,
"scan_policy_name": "exlusion_policy",
"method": "GET",
"post_data": "X-Force- Parameters",
"context_id": 24
}
]Action: View Alert
This action retrieves the details of an alert with the given ID.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Message IDs | Enter the message ID to obtain the HTTP message details. Example: 46 | Integer | Optional |
Example Request
[
{
"message_id": 46
}
]Action: View All Alerts
This action retrieves all alerts raised by ZAP.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Base URL | Enter the API endpoint URL to connect and authenticate the OWASP ZAP application. Example: "https://www.example.com" | Text | Optional | |
Start | Enter the start page to use pagination in the results. Example: 3 | Integer | Optional | Note: The value 10 started from the tenth index. |
Count | Enter the total count to retrieve the alerts. Example: 50 | Integer | Optional | Note: The value 100 denotes 100 alerts. |
Risk ID | Enter the risk ID to filter alerts based on identified risks. Example: 89 | Integer | Optional |
Example Request
[
{
"base_url": "https://www.example.com",
"start": 3,
"count": 50,
"risk_id": 89
}
]Action: View Alerts Summary
This action retrieves a summary of all alerts.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Target URL | Enter the target URL to filter results based on the URL. Example: "www.example.com" | Text | Optional |
Example Request
[
{
"target_url": "www.example.com"
}
]Action: View Alerts By Risk
This action retrieves alerts based on alert risk.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
URL | Enter the URL to filter based on risk. Example: "www.example.com" | Text | Optional | |
Recurse | Enter your preference to retrieve alerts recursively. Example: Yes/No | Boolean | Optional | Allowed values:
Default value: No |
Example Request
[
{
"url": "www.example.com",
"recurse": Yes
}
]