-
-
Notifications
You must be signed in to change notification settings - Fork 135
HelpUiTabsAscan
The Active Scan tab allows you to perform an active scan.
The 'Scan Policy Manager' button shows the Scan Policy Manager dialog which allows configuration of scan policies.
The 'New Scan' button launches the Active Scan dialog which allows you to specify exactly what should be scanned.
The toolbar provides a set of buttons which allow you to start, stop, pause and resume the scan selected. A progress bar shows how far the scan of the selected site has progressed. The 'Current scans' value shows how many scans are currently active - hovering over this value will show a list of the sites being scanned in a popup. The 'Show scan progress details' button launches the Scan Progress dialog which allows you to see details about which rules are running, skip individual rules and see a chart of the responses.
Right clicking on a node will bring up a menu which will allow you to:
This menu has the following submenus:
This will exclude the selected nodes from the proxy. They will still be proxied via ZAP but will not be shown in any of the tabs. This can be used to ignore URLs that you know are not relevant to the system you are currently testing. The nodes can be included again via the Session Properties dialog
This will prevent the selected nodes from being actively scanned. The nodes can be included again via the Session Properties dialog
This will prevent the selected nodes from being spidered. The nodes can be included again via the Session Properties dialog
This will bring up the Manual Request Editor dialog which allows you to resend the request after making any changes to it that you want to.
This will bring up the Add Alert dialog which allows you to manually record a new alert against this request.
This will show the selected message in the Sites tab.
This will open the URL of the selected node in your default browser.
UI Overview | for an overview of the user interface | |
Options Active Scan screen | for details of the active scan configuration |
-
ZAP User Guide
- Introduction
-
Getting Started
- Configuring proxies
-
Features
- Active Scan
- Add-ons
- Alerts
- Anti CSRF Tokens
- API
- Authentication
- Break Points
- Callbacks
- Contexts
- Data Driven Content
- Filters
- Globally Excluded URLs
- HTTP Sessions
- Man-in-the-middle Proxy
- Modes
- Notes
- Passive Scan
- Scan Policies
- Scope
- Session Management
- Spider
- Statistics
- Structural Modifiers
- Structural Parameters
- Tags
- Users
- Scanner Rules
- A Simple Penetration Test
-
The User Interface
- Overview
- The Top Level Menu
- The Top Level Toolbar
- The Tabs
-
The Dialogs
- Active Scan
- Add Alert
- Add Break Point
- Add Note
- Encode/Decode/Hash
- Filter
- Find
- History Filter
- Manual Request Editor
- Manage Add-ons
- Manage Tags
-
Options
- Active Scan
- Active Scan Input Vectors
- Alerts
- Anti CSRF Tokens
- API
- Breakpoints
- Callback Address
- Certificate
- Check for Updates
- Connection
- Database
- Display
- Dynamic SSL Certificates
- Extensions
- Global Exclude URL
- HTTP Sessions
- JVM
- Keyboard
- Language
- Local Proxies
- Passive Scan Rules
- Passive Scan Tags
- Passive Scanner
- Rule Configuration
- Scripts
- Search
- Spider
- Statistics
- Persist Session
- Resend
- Scan Policy Manager
- Scan Progress
- Session
- Spider
- The Footer
- Command Line
- Add Ons
- Releases
- Paros Proxy
- Credits