[Owasp-leaders] Does ZAP command line scan work for https:// site?
marian.ventuneac at owasp.org
Sun Nov 1 21:21:15 UTC 2015
Any outcome for the scan done on the https app?
On 1 Nov 2015 7:16 a.m., "Ali Razmjoo" <ali.razmjoo at owasp.org> wrote:
> Hello Marian,
> After some minutes I running the software, yet I don't see any result. and
> report.xml not create yet [scan isn't finish]
> any software I worked with before, have a real time output result, and let
> users know what it's working on, how much percent it
> gone [not so much important], or if there is any information
> gathering/sucess or unsuccess attacks/pentest, any warning, or ... will
> show to users.
> simple I can get you some examples : sqlmap project, vbscan project ,
> wpscan project and ...
> and by the way I ctrl + c on cmd and exit, there is no report.xml again. i
> think it would be better to make it write the report real time too
> and by the way it's my first time I install and used your project, I seen
> gui version and tested some modules, It's awesome software :)
> On Sat, Oct 31, 2015 at 7:57 PM, Marian Ventuneac <
> marian.ventuneac at owasp.org> wrote:
>> Can anyone confirm that ZAP command line quick scan works for https://
>> works fine - zap.bat -quickurl http://testsite -quickout
>> C:\path\to\report.xml -cmd
>> does produce an empty report - zap.bat -quickurl https://testsite
>> -quickout C:\path\to\report.xml -cmd
>> Any guidance/tips/tricks on getting the latter working is appreciated.
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the OWASP-Leaders