In this episode, Simon shows us how to package together ZAP Contexts, Authentication, and Scan Hooks to run an Automated Scan with the Docker scan image! This is great reference for using ZAP in a highly repeatable, automated fashion.
In this video, Simon uses Bodgeit which you can find here. [ Ссылка ]
Table of Contents:
01:22 - ZAPCon 2021 - March 9th [ Ссылка ]
01:34 - Automation against Bodgeit
03:50 - Running a Basic Baseline Scan with Dock
07:17 - Adding a User to Bodgeit
09:00 - Creating A Context for Bodgeit
13:22 - Using Forced User Mode
16:14 - Using the ZAP API to verify Authentication
17:39 - Setting The Logged Out Indicator
19:54 - Tying it all together in Automation
23:11 - Implementing a Post Scan Hool
26:57 - Q & A
