[Owasp-leaders] Does ZAP command line scan work for https:// site?

Marian Ventuneac marian.ventuneac at owasp.org
Sun Nov 1 21:21:15 UTC 2015


Thanks Ali,

Any outcome for the scan done on the https app?

Regards,
Marian
On 1 Nov 2015 7:16 a.m., "Ali Razmjoo" <ali.razmjoo at owasp.org> wrote:

> Hello Marian,
>
> After some minutes I running the software, yet I don't see any result. and
> report.xml not create yet [scan isn't finish]
> any software I worked with before, have a real time output result, and let
> users know what it's working on, how much percent it
> gone [not so much important], or if there is any information
> gathering/sucess or unsuccess attacks/pentest, any warning, or ... will
> show to users.
> simple I can get you some examples : sqlmap project, vbscan project ,
> wpscan project and ...
> and by the way I ctrl + c on cmd and exit, there is no report.xml again. i
> think it would be better to make it write the report real time too
>
> and by the way it's my first time I install and used your project, I seen
> gui version and tested some modules, It's awesome software :)
>
>
>
> On Sat, Oct 31, 2015 at 7:57 PM, Marian Ventuneac <
> marian.ventuneac at owasp.org> wrote:
>
>> Hi,
>>
>> Can anyone confirm that ZAP command line quick scan works for https://
>> site?
>>
>> works fine - zap.bat -quickurl http://testsite -quickout
>> C:\path\to\report.xml -cmd
>>
>> does produce an empty report - zap.bat -quickurl https://testsite
>> -quickout C:\path\to\report.xml -cmd
>>
>> Any guidance/tips/tricks on getting the latter working is appreciated.
>>
>> Regards,
>> Marian
>>
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20151101/10167d0c/attachment.html>


More information about the OWASP-Leaders mailing list