Due to some maintenance issues, this service has been switched in read-only mode, you can find more information about the why

and how to migrate your plugin documentation in this blogpost

Skip to end of metadata
Go to start of metadata






System Installed: Install/Extract ZAP

  1. Download ZAP
    • ZAP releases can be found here.

    • The .exe of the version (ZAP 2.6.0 Standard) which was used to test this release can be found here.

      Notice: If you're using a weekly release, remember that the weekly releases are removed after a while (there's no fixed schedule for it).


  2. Determine path
    • Determine where to keep ZAP, in my case ZAP is located in C:\Development\OWASP\Zed Attack Proxy\2.6.0\






System Installed: Environment Variable

  1. Setup your %ZAPROXY_HOME% Environment Variable

    Info: Remember to add %ZAPROXY_HOME% to your %PATH%.


  2. Setup your %ZAPROXY_SETTINGS% Environment Variable

    Info: Remember to add %ZAPROXY_SETTINGS% to your %PATH%.

    Notice: Remember that if you're using a weekly release, %ZAPROXY_SETTINGS% will have a _D appeneded to the folder name.






System Installed: .bat Modification

 


Info: Ensure correct .jar is used.

  1. Add %ZAPROXY_HOME%
  2. Add double quotes

    Required: The double quotes are mandatory if %ZAPROXY_HOME% has spaces. Otherwise it's an optional addition.

  3. Increase allocated RAM 






System Installed: Shortcut (Optional)

Desktop shortcut

Create a shortcut to %COMSPEC% /k cd %HOMEDRIVE%%HOMEPATH% && "%ZAPROXY_HOME%\zap.bat" -installdir "%ZAPROXY_HOME%" .

 

Required: Name the Shortcut Zed Attack Proxy. Once created:

  1. Right click on it and open properties
  2. Go to Shortcut tab
  3. Click on Advanced...
  4. Select Run as administrator
  5. Save your changes

Info: If this works then it should also work from Jenkins.






System Installed: Job Configuration

 

 

  1. Select System Installed
     
  2. Specify ZAP Home
     
  3. Specify Initialization Timeout
     
  4. Add ZAP command line options
     
    • Please see HelpCmdline for more information.

      Notice: Adding ZAP command line options can interfere with other UI option of the plugin. USE WITH CAUTION.

      Notice: The only required command line option is installdir as indicated above. If %ZAPROXY_HOME% contains spaces in the path, remember to use double quotes as indicated in the illustration above.

  • No labels