[Owasp-leaders] Does ZAP command line scan work for https:// site?

Ali Razmjoo ali.razmjoo at owasp.org
Mon Nov 2 08:28:53 UTC 2015


Yup, that would be better and by the way I Didn't let it done to end, but
2.5 hours ago i started again on my vps and until now it's not done, and
there is no outcome too, i will let it until finish and if there is any
outcome or not i will share the result

On Monday, November 2, 2015, psiinon <psiinon at gmail.com> wrote:

> Hiya, can we move this discussion to the ZAP User Group please:
> http://groups.google.com/group/zaproxy-users
>
> No need to spam all of the other OWASP leaders :)
>
> Cheers,
>
> Simon
>
> On Sun, Nov 1, 2015 at 9:21 PM, Marian Ventuneac <
> marian.ventuneac at owasp.org
> <javascript:_e(%7B%7D,'cvml','marian.ventuneac at owasp.org');>> wrote:
>
>> Thanks Ali,
>>
>> Any outcome for the scan done on the https app?
>>
>> Regards,
>> Marian
>> On 1 Nov 2015 7:16 a.m., "Ali Razmjoo" <ali.razmjoo at owasp.org
>> <javascript:_e(%7B%7D,'cvml','ali.razmjoo at owasp.org');>> wrote:
>>
>>> Hello Marian,
>>>
>>> After some minutes I running the software, yet I don't see any result.
>>> and report.xml not create yet [scan isn't finish]
>>> any software I worked with before, have a real time output result, and
>>> let users know what it's working on, how much percent it
>>> gone [not so much important], or if there is any information
>>> gathering/sucess or unsuccess attacks/pentest, any warning, or ... will
>>> show to users.
>>> simple I can get you some examples : sqlmap project, vbscan project ,
>>> wpscan project and ...
>>> and by the way I ctrl + c on cmd and exit, there is no report.xml again.
>>> i think it would be better to make it write the report real time too
>>>
>>> and by the way it's my first time I install and used your project, I
>>> seen gui version and tested some modules, It's awesome software :)
>>>
>>>
>>>
>>> On Sat, Oct 31, 2015 at 7:57 PM, Marian Ventuneac <
>>> marian.ventuneac at owasp.org
>>> <javascript:_e(%7B%7D,'cvml','marian.ventuneac at owasp.org');>> wrote:
>>>
>>>> Hi,
>>>>
>>>> Can anyone confirm that ZAP command line quick scan works for https://
>>>> site?
>>>>
>>>> works fine - zap.bat -quickurl http://testsite -quickout
>>>> C:\path\to\report.xml -cmd
>>>>
>>>> does produce an empty report - zap.bat -quickurl https://testsite
>>>> -quickout C:\path\to\report.xml -cmd
>>>>
>>>> Any guidance/tips/tricks on getting the latter working is appreciated.
>>>>
>>>> Regards,
>>>> Marian
>>>>
>>>> _______________________________________________
>>>> OWASP-Leaders mailing list
>>>> OWASP-Leaders at lists.owasp.org
>>>> <javascript:_e(%7B%7D,'cvml','OWASP-Leaders at lists.owasp.org');>
>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>>
>>>>
>>>
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> <javascript:_e(%7B%7D,'cvml','OWASP-Leaders at lists.owasp.org');>
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>
>>
>
>
> --
> OWASP ZAP <https://www.owasp.org/index.php/ZAP> Project leader
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20151102/d18e1ec5/attachment.html>


More information about the OWASP-Leaders mailing list