How to run OWASP Zed Attack Proxy ZAP's zap-api-scan.py without requiring docker

Question

Is there a way to run zap-api-scan.py outside of docker?

I tried the below to run this python script outside of docker with below steps successfully. However, the script itself checks if it is running in docker and initiates docker via zap api if it is not running in docker.

git clone https://github.com/zaproxy/zaproxy.git
easy_install six
pip install python-owasp-zap-v2.4
pip uninstall chardet
pip install "chardet==3.0.2"

python zaproxy/docker/zap-api-scan.py

can I know where to add "Then you'll need to copy the custom scripts in your ZAP instance: github.com/zaproxy/zaproxy/tree/develop/docker/scripts/scripts/…" these files in zaproxy folder and "Then you'll need to run the rest of the script and double-check it's using the right policy and that the custom scripts are added correctly." what must be done here — paradox

Simon Bennetts Simon Bennetts · Accepted Answer · 2018-11-03T10:56:52

Answered on the ZAP User Group: https://groups.google.com/d/msg/zaproxy-users/ITE1W4V0H1Y/UFO6teGrBwAJ

Basically you just need to edit or comment out the parts that start ZAP in docker and ensure that your ZAP instance is configured in the same way the script sets ZAP up.

How to run OWASP Zed Attack Proxy ZAP's zap-api-scan.py without requiring docker

1 Answers