MZAP : Multiple Target ZAP Scanning

R K

September 16, 2020

MZAP is a multiple target ZAP Scanning / mzap is a tool for scanning N*N in ZAP.

Concept

Installation

go-get

$ go get -u github.com/hahwul/mzap

snapcraft

$ sudo snap install mzap –devmode

homebrew

$ brew tap hahwul/mzap
$ brew install mzap

Usage

Usage:
mzap [command]

Available Commands:
ajaxspider Add AjaxSpider ZAP
ascan Add ActiveScan ZAP
help Help about any command
spider Add ZAP spider
stop Stop Scanning
version Show version

Flags:
–apikey string ZAP API Key / if you disable apikey, not use this option
–apis string ZAP API Host(s) address
e.g –apis http://localhost:8090,http://192.168.0.4:8090 (default “http://localhost:8090”)
–config string config file (default is $HOME/.mzap.yaml)
-h, –help help for mzap
–urls string URL list file / e.g –urls hosts.txt

$ mzap spider –urls sample/target.txt
INFO[0000] Start Prefix=/JSON/spider/action/scan/ Size of Target=17
INFO[0000] Added Target=”http://testphp.vulnweb.com/” ZAP API=”http://localhost:8090″
INFO[0000] Added Target=”http://www.hahwul.com” ZAP API=”http://localhost:8090″

Download

MZAP : Multiple Target ZAP Scanning

APPLICATIONS

PacketStreamer : Distributed Tcpdump For Cloud Native Environments

WPA2 Handshake Automation Tool – A Quick Guide

AutomatedLab : A Provisioning Solution And Framework That Lets You Deploy Complex Labs On...

Subfinder : A Subdomain Discovery Tool To Find Valid Websites Subdomains

HOT NEWS

S3BucketList : Firefox Plugin That Lists Amazon S3 Buckets Found In...

EVEN MORE NEWS

Bomber : Navigating Security Vulnerabilities In SBOMs

EmbedPayloadInPng : A Guide To Embedding And Extracting Encrypted Payloads In...

Exploit Street – Navigating The New Terrain Of Windows LPEs

POPULAR CATEGORY

PwnedOrNot : OSINT Tool to Find Passwords for Compromised Email Addresses

Fastfuz-Chrome-Ext : Site Fast Fuzzing With Chorme Extension

On-The-Fly : Tool Which Gives Capabilities To Perform Pentesting Tests In...