OWASP Zed Attack Proxy (ThreadFix 3.X)
You will learn
How to generate a report in OWASP ZAP and upload it to ThreadFix.
Prerequisites
Audience: IT Professional
Difficulty: Basic
Time needed: Approximately 10 minutes
Tools required: N/A
Generate Results
After Launching ZAP, there are two options for obtaining results to generate a report:
Select New Session and generate a new set of result
Select Open Session and select a pre-populated session
Enter Target into URL to attack and select Attack:
After ZAP finishes its attack, from the Report menu select Generate XML Report... and save to the desired directory:
Upload Results
After generating a report, log in to ThreadFix and navigate to the Portfolio page, found on the Navigation sidebar under the Application sub-menu.
Expand the Team the report will be uploaded to:
After picking one of the Team's applications, select Upload Scan and drag the report into the pane:
Alternately, users can upload the file via the Upload Scan API call.Once ThreadFix finishes processing the report, the results can be viewed on the individual application's page:
Table of Contents
www.threadfix.it | www.coalfire.com
Copyright © 2024 Coalfire. All rights reserved.
This Information Security Policy is CoalFire - Public: Distribution of this material is not limited.