support for OWASP ZAP

[SyCode7]

OWASP ZAP is one of the most popular open source web application vulnerability scanners. It will be really cool to support for it, I notice it isn't on the list of supported scanners. Otherwise, how could VulnWhisperer to extend to support it ?

[Skaldenmet]

I have no experience with ZAP but there is an API (https://github.com/zaproxy/zaproxy/wiki/ProposalPlugableReports) where you can get the report data. You just need to write a logstash filter to parse the information into ELK. Seems like a few hours work.

[SyCode7]

@Skaldenmet thanks a lot for your response. Asides importing the logs, It seems VulnWhisper has pre-configured dashboards for supported scanners. Are these dashboards extendable or does the logstash filter need to conform to a specified format ?

[qmontal]

@SyCode7 We intend to create a standard structure for the all the scan results processed by VulnWhisperer, which would allow the project to be more unified and modular, both for creating new modules for the project and for the ELK processing.

Currently this is not yet done, so if you integrated OWASP ZAP, you would need to create a logstash config file for it. It is a big project as it needs to be defined the standard, and we would also like to take into account ECS(#97).

Will keep updated.

[SyCode7]

@qmontal thank you so much for the encouraging update. Having a standardized format like ECS could ease integration efforts especially for users like me. I will be on the watch out !!