bdd-security
BDD Automated Security Tests for Web Applications
Lately I noticed the following error when bdd-security is running, especially against a huge app/site: 10802624 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.ascanrules.TestPathTraversal - Error scanning parameters for Path Traversal: Read timed out [java]...
Add a section to the existing config.xml file so that arbitrary ZAP config options can be passed through.
Whenever I run the "id scan_xss" in app_scan.story from terminal, instead of getting the status of which XSS attacks worked and for which field, I am getting a number of...
Is there a way to tell bdd-security, which is using owasp-zap, not to scan the whole application/website? Ex: scan only http://mysite.com/thisapponly instead of http://mysite.com/
Nessus_scan
@continuumsecurity Nessus_scan story is missing: And the nessus username blablah and the password blablah
@continuumsecurity I know zap has a fuzzing functionality on the UI (fuzzer) but I cannot see it on the API. So I was thinking about including a fuzzing tool such...
@continuumsecurity I got some error while performing ant resolve in build.xml:208: /var/lib/jenkins/workspace/bdd-sec-lamin-test/lib/ivy not found