Last active
September 9, 2022 14:43
-
-
Save ritesh/2fcd9fd32995ffeb30f1 to your computer and use it in GitHub Desktop.
Docker compose for ZAP
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| target: | |
| # The target application we want to scan | |
| image: szsecurity/webgoat | |
| # The port that the application is available on. | |
| # If the application runs on a non-standard port, | |
| # you can map it to 80 for convenience by using | |
| # ports | |
| # - "80:8080" | |
| expose: | |
| - "80" | |
| zaproxy: | |
| image: owasp/zap2docker-stable | |
| command: zap.sh -daemon -port 8090 -host 0.0.0.0 | |
| expose: | |
| # ZAP is running on 8090, we want it to be accessible by our tools | |
| - "8090" | |
| links: | |
| - target | |
| tooling: | |
| build: tools/. | |
| # Runzap.py contains the commands to run ZAP on the target application | |
| command: python tools/runzap.py | |
| links: | |
| - zaproxy | |
| # Reports end up here! | |
| volumes: | |
| - ./:/code |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
can you please paste the
tools/runzap.py