search

ashenchowthee / zaproxy

Automatically exported from code.google.com/p/zaproxy
0 stars 0 forks source link

SQL injection should be excluded/skipped in Active scan when Technology/Db is unchecked #1628

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago 
When there is a need to scan a static site which you already know it doesn't 
talk to a DB, the SQL injection step should not occur during active scan.
This could save time.

What steps will reproduce the problem?
1. Start an Active scan and uncheck 'Db'.
2. Start the scan and notice that 'SQL injection' is processed.

What is the expected output? What do you see instead?
'SQL injection' should be excluded or automatically skipped.

What version of the product are you using? On what operating system?
2.4.0 / Win7, 64-bit

Please provide any additional information below.
See attached screenshot.

Original issue reported on code.google.com by ath...@gmail.com on 8 May 2015 at 8:50

Attachments:

GoogleCodeExporter commented 9 years ago

Original comment by psii...@gmail.com on 8 May 2015 at 8:51

GoogleCodeExporter commented 9 years ago

Original comment by THC...@gmail.com on 8 May 2015 at 1:00