search

iriusrisk / bdd-security

BDD Automated Security Tests for Web Applications
http://www.continuumsecurity.net/bdd-intro.html
GNU Affero General Public License v3.0
563 stars 178 forks source link

Embedded proxy ZAP with chrome driver #39

Open lowly2005 opened 8 years ago

lowly2005 commented 8 years ago

I have this error when I'm trying to use ZAP scan 

6385 [ZAP-daemon] INFO org.zaproxy.zap.control.ExtensionFactory  - Loading extensions
     [java] Dec 09, 2015 3:38:57 AM net.continuumsecurity.Config getProxyHost
     [java] WARNING: Error starting embedded ZAP
     [java] java.lang.RuntimeException: Unable to connect to ZAP's proxy after 15000 milliseconds.
     [java]     at net.continuumsecurity.scanner.ZapManager.waitForSuccessfulConnectionToZap(ZapManager.java:98)
     [java]     at net.continuumsecurity.scanner.ZapManager.startZAP(ZapManager.java:62)
     [java]     at net.continuumsecurity.Config.getProxyHost(Config.java:193)
     [java]     at net.continuumsecurity.web.drivers.DriverFactory.createProxyCapabilities(DriverFactory.java:164)
     [java]     at net.continuumsecurity.web.drivers.DriverFactory.createProxyDriver(DriverFactory.java:119)
     [java]     at net.continuumsecurity.web.drivers.DriverFactory.findOrCreate(DriverFactory.java:95)
     [java]     at net.continuumsecurity.web.drivers.DriverFactory.getDriver(DriverFactory.java:64)
     [java]     at net.continuumsecurity.web.drivers.DriverFactory.getProxyDriver(DriverFactory.java:54)
     [java]     at net.continuumsecurity.web.WebApplication.enableHttpLoggingClient(WebApplication.java:92)
     [java]     at net.continuumsecurity.steps.WebApplicationSteps.enableLoggingDriver(WebApplicationSteps.java:239)
     [java]     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
     [java]     at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
     [java]     at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
     [java]     at java.lang.reflect.Method.invoke(Method.java:497)
     [java]     at org.jbehave.core.steps.StepCreator$ParameterisedStep.perform(StepCreator.java:569)
     [java]     at org.jbehave.core.embedder.StoryRunner$FineSoFar.run(StoryRunner.java:533)
     [java]     at org.jbehave.core.embedder.StoryRunner.runStepsWhileKeepingState(StoryRunner.java:513)
     [java]     at org.jbehave.core.embedder.StoryRunner.runScenarioSteps(StoryRunner.java:477)
     [java]     at org.jbehave.core.embedder.StoryRunner.runCancellable(StoryRunner.java:308)
     [java]     at org.jbehave.core.embedder.StoryRunner.run(StoryRunner.java:220)
     [java]     at org.jbehave.core.embedder.StoryRunner.run(StoryRunner.java:181)
     [java]     at org.jbehave.core.embedder.StoryManager$EnqueuedStory.call(StoryManager.java:235)
     [java]     at org.jbehave.core.embedder.StoryManager$EnqueuedStory.call(StoryManager.java:207)
     [java]     at java.util.concurrent.FutureTask.run(FutureTask.java:266)
     [java]     at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
     [java]     at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
     [java]     at java.lang.Thread.run(Thread.java:745)
     [java] Dec 09, 2015 3:38:57 AM net.continuumsecurity.scanner.ZapManager startZAP
     [java] INFO: ZAP already started.
     [java] Dec 09, 2015 3:38:57 AM net.continuumsecurity.Config getDefaultDriverPath
     [java] INFO: No path to the defaultDriver specified in config.xml, using auto-detection.
     [java] Dec 09, 2015 3:38:57 AM net.continuumsecurity.Config getDefaultDriverPath
     [java] INFO: Using driver at: drivers\chromedriver.exe
     [java] Starting ChromeDriver 2.20.353145 (343b531d31eeb933ec778dbcf7081628a1396067) on port 1694
     [java] Only local connections are allowed.
iriusrisk commented 8 years ago

The latest version has debug logging showing which port ZAP was started on and also which port BDD-Sec tries to connect to. Try with this version and look through the output for:

"Start ZAProxy” and "Attempting to connect to ZAP API”

On 9 Dec 2015, at 09:45, lowly2005 notifications@github.com wrote:

I have this error when I'm trying to use ZAP scan

6385 [ZAP-daemon] INFO org.zaproxy.zap.control.ExtensionFactory - Loading extensions [java] Dec 09, 2015 3:38:57 AM net.continuumsecurity.Config getProxyHost [java] WARNING: Error starting embedded ZAP [java] java.lang.RuntimeException: Unable to connect to ZAP's proxy after 15000 milliseconds. [java] at net.continuumsecurity.scanner.ZapManager.waitForSuccessfulConnectionToZap(ZapManager.java:98) [java] at net.continuumsecurity.scanner.ZapManager.startZAP(ZapManager.java:62) [java] at net.continuumsecurity.Config.getProxyHost(Config.java:193) [java] at net.continuumsecurity.web.drivers.DriverFactory.createProxyCapabilities(DriverFactory.java:164) [java] at net.continuumsecurity.web.drivers.DriverFactory.createProxyDriver(DriverFactory.java:119) [java] at net.continuumsecurity.web.drivers.DriverFactory.findOrCreate(DriverFactory.java:95) [java] at net.continuumsecurity.web.drivers.DriverFactory.getDriver(DriverFactory.java:64) [java] at net.continuumsecurity.web.drivers.DriverFactory.getProxyDriver(DriverFactory.java:54) [java] at net.continuumsecurity.web.WebApplication.enableHttpLoggingClient(WebApplication.java:92) [java] at net.continuumsecurity.steps.WebApplicationSteps.enableLoggingDriver(WebApplicationSteps.java:239) [java] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [java] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) [java] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) [java] at java.lang.reflect.Method.invoke(Method.java:497) [java] at org.jbehave.core.steps.StepCreator$ParameterisedStep.perform(StepCreator.java:569) [java] at org.jbehave.core.embedder.StoryRunner$FineSoFar.run(StoryRunner.java:533) [java] at org.jbehave.core.embedder.StoryRunner.runStepsWhileKeepingState(StoryRunner.java:513) [java] at org.jbehave.core.embedder.StoryRunner.runScenarioSteps(StoryRunner.java:477) [java] at org.jbehave.core.embedder.StoryRunner.runCancellable(StoryRunner.java:308) [java] at org.jbehave.core.embedder.StoryRunner.run(StoryRunner.java:220) [java] at org.jbehave.core.embedder.StoryRunner.run(StoryRunner.java:181) [java] at org.jbehave.core.embedder.StoryManager$EnqueuedStory.call(StoryManager.java:235) [java] at org.jbehave.core.embedder.StoryManager$EnqueuedStory.call(StoryManager.java:207) [java] at java.util.concurrent.FutureTask.run(FutureTask.java:266) [java] at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) [java] at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) [java] at java.lang.Thread.run(Thread.java:745) [java] Dec 09, 2015 3:38:57 AM net.continuumsecurity.scanner.ZapManager startZAP [java] INFO: ZAP already started. [java] Dec 09, 2015 3:38:57 AM net.continuumsecurity.Config getDefaultDriverPath [java] INFO: No path to the defaultDriver specified in config.xml, using auto-detection. [java] Dec 09, 2015 3:38:57 AM net.continuumsecurity.Config getDefaultDriverPath [java] INFO: Using driver at: drivers\chromedriver.exe [java] Starting ChromeDriver 2.20.353145 (343b531d31eeb933ec778dbcf7081628a1396067) on port 1694 [java] Only local connections are allowed. — Reply to this email directly or view it on GitHub https://github.com/continuumsecurity/bdd-security/issues/39.

lowly2005 commented 8 years ago

Here is what I got : 


     [java]
     [java] Dec 09, 2015 3:36:40 PM net.continuumsecurity.scanner.ZapManager startZAP
     [java] INFO: Setting upstream proxy for ZAP to: :80
     [java] Dec 09, 2015 3:36:40 PM net.continuumsecurity.scanner.ZapManager startZAP
     [java] INFO: Start ZAProxy [C:***********\zap\zap.bat] on port: 58639
     [java] Given a new browser instance
     [java] Dec 09, 2015 3:36:40 PM net.continuumsecurity.scanner.ZapManager waitForSuccessfulConnectionToZap
     [java] INFO: Attempting to connect to ZAP API on: 127.0.0.1 port: 58639
     [java]
     [java] C:**************\zap>if exist "**********\OWASP ZAP\.ZAP_JVM.properties" (set /p jvmopts= 0<"\******\OWASP ZAP\.ZAP_JVM.pr
operties" )  else (set jvmopts=-Xmx512m )
     [java]
     [java] C:**************\zap>java -Xmx512m -jar zap-2.4.3.jar -daemon -host 127.0.0.1 -port 58639 -dir tmp -config scanner.threadPerHost=20 -config spider.thre
ad=10 -config api.key=zapapisecret -config connection.proxyChain.hostName= -config connection.proxyChain.port=80 -config connection.proxyChain.enabled=true
     [java] Dec 09, 2015 3:36:42 PM net.continuumsecurity.scanner.ZapManager waitForSuccessfulConnectionToZap
     [java] INFO: Attempting to connect to ZAP API on: 127.0.0.1 port: 58639
     [java] Dec 09, 2015 3:36:44 PM net.continuumsecurity.scanner.ZapManager waitForSuccessfulConnectionToZap
     [java] INFO: Attempting to connect to ZAP API on: 127.0.0.1 port: 58639
     [java] Dec 09, 2015 3:36:46 PM net.continuumsecurity.scanner.ZapManager waitForSuccessfulConnectionToZap
     [java] INFO: Attempting to connect to ZAP API on: 127.0.0.1 port: 58639
     [java] Dec 09, 2015 3:36:48 PM net.continuumsecurity.scanner.ZapManager waitForSuccessfulConnectionToZap
     [java] INFO: Attempting to connect to ZAP API on: 127.0.0.1 port: 58639
     [java] Dec 09, 2015 3:36:50 PM net.continuumsecurity.scanner.ZapManager waitForSuccessfulConnectionToZap
     [java] INFO: Attempting to connect to ZAP API on: 127.0.0.1 port: 58639
     [java] 0 [main] INFO org.zaproxy.zap.DaemonBootstrap  - OWASP ZAP 2.4.3 started.
     [java] Dec 09, 2015 3:36:52 PM net.continuumsecurity.scanner.ZapManager waitForSuccessfulConnectionToZap
     [java] INFO: Attempting to connect to ZAP API on: 127.0.0.1 port: 58639
     [java] 1983 [main] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE  - dataFileCache open start
     [java] 1997 [main] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE  - dataFileCache open end
     [java] 3398 [main] INFO org.parosproxy.paros.common.AbstractParam  - Setting config api.key = zapapisecret was zapapisecret
     [java] Dec 09, 2015 3:36:54 PM net.continuumsecurity.scanner.ZapManager waitForSuccessfulConnectionToZap
     [java] INFO: Attempting to connect to ZAP API on: 127.0.0.1 port: 58639
     [java] 3399 [main] INFO org.parosproxy.paros.common.AbstractParam  - Setting config spider.thread = 10 was 10
     [java] 3400 [main] INFO org.parosproxy.paros.common.AbstractParam  - Setting config connection.proxyChain.hostName =  was
     [java] 3401 [main] INFO org.parosproxy.paros.common.AbstractParam  - Setting config connection.proxyChain.port = 80 was 80
     [java] 3401 [main] INFO org.parosproxy.paros.common.AbstractParam  - Setting config scanner.threadPerHost = 20 was 20
     [java] 3403 [main] INFO org.parosproxy.paros.common.AbstractParam  - Setting config connection.proxyChain.enabled = true was false
     [java] 3408 [main] INFO org.parosproxy.paros.network.SSLConnector  - Reading supported SSL/TLS protocols...
     [java] 3408 [main] INFO org.parosproxy.paros.network.SSLConnector  - Using a SSLEngine...
     [java] Dec 09, 2015 3:36:55 PM net.continuumsecurity.Config getProxyHost
     [java] WARNING: Error starting embedded ZAP
     [java] java.lang.RuntimeException: Unable to connect to ZAP's proxy after 15000 milliseconds.
     [java]     at net.continuumsecurity.scanner.ZapManager.waitForSuccessfulConnectionToZap(ZapManager.java:99)
     [java]     at net.continuumsecurity.scanner.ZapManager.startZAP(ZapManager.java:62)
     [java]     at net.continuumsecurity.Config.getProxyHost(Config.java:193)
     [java]     at net.continuumsecurity.web.drivers.DriverFactory.createProxyCapabilities(DriverFactory.java:164)
     [java]     at net.continuumsecurity.web.drivers.DriverFactory.createProxyDriver(DriverFactory.java:119)
     [java]     at net.continuumsecurity.web.drivers.DriverFactory.findOrCreate(DriverFactory.java:95)
     [java]     at net.continuumsecurity.web.drivers.DriverFactory.getDriver(DriverFactory.java:64)
     [java]     at net.continuumsecurity.web.drivers.DriverFactory.getProxyDriver(DriverFactory.java:54)
     [java]     at net.continuumsecurity.web.WebApplication.enableHttpLoggingClient(WebApplication.java:92)
     [java]     at net.continuumsecurity.steps.WebApplicationSteps.enableLoggingDriver(WebApplicationSteps.java:247)
     [java]     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
     [java]     at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
     [java]     at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
     [java]     at java.lang.reflect.Method.invoke(Method.java:497)
     [java]     at org.jbehave.core.steps.StepCreator$ParameterisedStep.perform(StepCreator.java:569)
     [java]     at org.jbehave.core.embedder.StoryRunner$FineSoFar.run(StoryRunner.java:533)
     [java]     at org.jbehave.core.embedder.StoryRunner.runStepsWhileKeepingState(StoryRunner.java:513)
     [java]     at org.jbehave.core.embedder.StoryRunner.runScenarioSteps(StoryRunner.java:477)
     [java]     at org.jbehave.core.embedder.StoryRunner.runCancellable(StoryRunner.java:308)
     [java]     at org.jbehave.core.embedder.StoryRunner.run(StoryRunner.java:220)
     [java]     at org.jbehave.core.embedder.StoryRunner.run(StoryRunner.java:181)
     [java]     at org.jbehave.core.embedder.StoryManager$EnqueuedStory.call(StoryManager.java:235)
     [java]     at org.jbehave.core.embedder.StoryManager$EnqueuedStory.call(StoryManager.java:207)
     [java]     at java.util.concurrent.FutureTask.run(FutureTask.java:266)
     [java]     at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
     [java]     at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
     [java]     at java.lang.Thread.run(Thread.java:745)
iriusrisk commented 8 years ago

Try setting a hostname for your upstream proxy. Looks like you've set the upstream port as 80, but there's no hostname. Or remove the port setting if you don't want to use an upstream proxy.

On Wed, Dec 9, 2015 at 9:43 PM, lowly2005 notifications@github.com wrote:

Here is what I got :

 [java]
 [java] Dec 09, 2015 3:36:40 PM net.continuumsecurity.scanner.ZapManager startZAP
 [java] INFO: Setting upstream proxy for ZAP to: :80
 [java] Dec 09, 2015 3:36:40 PM net.continuumsecurity.scanner.ZapManager startZAP
 [java] INFO: Start ZAProxy [C:***********\zap\zap.bat] on port: 58639
 [java] Given a new browser instance
 [java] Dec 09, 2015 3:36:40 PM net.continuumsecurity.scanner.ZapManager waitForSuccessfulConnectionToZap
 [java] INFO: Attempting to connect to ZAP API on: 127.0.0.1 port: 58639
 [java]
 [java] C:**************\zap>if exist "**********\OWASP ZAP\.ZAP_JVM.properties" (set /p jvmopts= 0<"\******\OWASP ZAP\.ZAP_JVM.pr

operties" ) else (set jvmopts=-Xmx512m ) [java] [java] C:**\zap>java -Xmx512m -jar zap-2.4.3.jar -daemon -host 127.0.0.1 -port 58639 -dir tmp -config scanner.threadPerHost=20 -config spider.thre ad=10 -config api.key=zapapisecret -config connection.proxyChain.hostName= -config connection.proxyChain.port=80 -config connection.proxyChain.enabled=true [java] Dec 09, 2015 3:36:42 PM net.continuumsecurity.scanner.ZapManager waitForSuccessfulConnectionToZap [java] INFO: Attempting to connect to ZAP API on: 127.0.0.1 port: 58639 [java] Dec 09, 2015 3:36:44 PM net.continuumsecurity.scanner.ZapManager waitForSuccessfulConnectionToZap [java] INFO: Attempting to connect to ZAP API on: 127.0.0.1 port: 58639 [java] Dec 09, 2015 3:36:46 PM net.continuumsecurity.scanner.ZapManager waitForSuccessfulConnectionToZap [java] INFO: Attempting to connect to ZAP API on: 127.0.0.1 port: 58639 [java] Dec 09, 2015 3:36:48 PM net.continuumsecurity.scanner.ZapManager waitForSuccessfulConnectionToZap [java] INFO: Attempting to connect to ZAP API on: 127.0.0.1 port: 58639 [java] Dec 09, 2015 3:36:50 PM net.continuumsecurity.scanner.ZapManager waitForSuccessfulConnectionToZap [java] INFO: Attempting to connect to ZAP API on: 127.0.0.1 port: 58639 [java] 0 [main] INFO org.zaproxy.zap.DaemonBootstrap - OWASP ZAP 2.4.3 started. [java] Dec 09, 2015 3:36:52 PM net.continuumsecurity.scanner.ZapManager waitForSuccessfulConnectionToZap [java] INFO: Attempting to connect to ZAP API on: 127.0.0.1 port: 58639 [java] 1983 [main] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - dataFileCache open start [java] 1997 [main] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE - dataFileCache open end [java] 3398 [main] INFO org.parosproxy.paros.common.AbstractParam - Setting config api.key = zapapisecret was zapapisecret [java] Dec 09, 2015 3:36:54 PM net.continuumsecurity.scanner.ZapManager waitForSuccessfulConnectionToZap [java] INFO: Attempting to connect to ZAP API on: 127.0.0.1 port: 58639 [java] 3399 [main] INFO org.parosproxy.paros.common.AbstractParam - Setting config spider.thread = 10 was 10 [java] 3400 [main] INFO org.parosproxy.paros.common.AbstractParam - Setting config connection.proxyChain.hostName = was [java] 3401 [main] INFO org.parosproxy.paros.common.AbstractParam - Setting config connection.proxyChain.port = 80 was 80 [java] 3401 [main] INFO org.parosproxy.paros.common.AbstractParam - Setting config scanner.threadPerHost = 20 was 20 [java] 3403 [main] INFO org.parosproxy.paros.common.AbstractParam - Setting config connection.proxyChain.enabled = true was false [java] 3408 [main] INFO org.parosproxy.paros.network.SSLConnector - Reading supported SSL/TLS protocols... [java] 3408 [main] INFO org.parosproxy.paros.network.SSLConnector - Using a SSLEngine... [java] Dec 09, 2015 3:36:55 PM net.continuumsecurity.Config getProxyHost [java] WARNING: Error starting embedded ZAP [java] java.lang.RuntimeException: Unable to connect to ZAP's proxy after 15000 milliseconds. [java] at net.continuumsecurity.scanner.ZapManager.waitForSuccessfulConnectionToZap(ZapManager.java:99) [java] at net.continuumsecurity.scanner.ZapManager.startZAP(ZapManager.java:62) [java] at net.continuumsecurity.Config.getProxyHost(Config.java:193) [java] at net.continuumsecurity.web.drivers.DriverFactory.createProxyCapabilities(DriverFactory.java:164) [java] at net.continuumsecurity.web.drivers.DriverFactory.createProxyDriver(DriverFactory.java:119) [java] at net.continuumsecurity.web.drivers.DriverFactory.findOrCreate(DriverFactory.java:95) [java] at net.continuumsecurity.web.drivers.DriverFactory.getDriver(DriverFactory.java:64) [java] at net.continuumsecurity.web.drivers.DriverFactory.getProxyDriver(DriverFactory.java:54) [java] at net.continuumsecurity.web.WebApplication.enableHttpLoggingClient(WebApplication.java:92) [java] at net.continuumsecurity.steps.WebApplicationSteps.enableLoggingDriver(WebApplicationSteps.java:247) [java] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [java] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) [java] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) [java] at java.lang.reflect.Method.invoke(Method.java:497) [java] at org.jbehave.core.steps.StepCreator$ParameterisedStep.perform(StepCreator.java:569) [java] at org.jbehave.core.embedder.StoryRunner$FineSoFar.run(StoryRunner.java:533) [java] at org.jbehave.core.embedder.StoryRunner.runStepsWhileKeepingState(StoryRunner.java:513) [java] at org.jbehave.core.embedder.StoryRunner.runScenarioSteps(StoryRunner.java:477) [java] at org.jbehave.core.embedder.StoryRunner.runCancellable(StoryRunner.java:308) [java] at org.jbehave.core.embedder.StoryRunner.run(StoryRunner.java:220) [java] at org.jbehave.core.embedder.StoryRunner.run(StoryRunner.java:181) [java] at org.jbehave.core.embedder.StoryManager$EnqueuedStory.call(StoryManager.java:235) [java] at org.jbehave.core.embedder.StoryManager$EnqueuedStory.call(StoryManager.java:207) [java] at java.util.concurrent.FutureTask.run(FutureTask.java:266) [java] at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) [java] at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) [java] at java.lang.Thread.run(Thread.java:745)



—
Reply to this email directly or view it on GitHub
https://github.com/continuumsecurity/bdd-security/issues/39#issuecomment-163386450
.

Stephen de Vries CTO Continuum Security www.continuumsecurity.net @stephendv Mob: +34 616 33 81 38

lowly2005 commented 8 years ago

When I remove the port setting I have this error : upstream port is not defined in config.xml. Is it necessary to specify it? Can I remove the whole section of upstream proxy from the config file ? I'm using chrome driver so I want my upstream proxy to be embedded on the chrome driver.

iriusrisk commented 8 years ago

Try the same way the default config file had it set https://github.com/continuumsecurity/bdd-security/blob/master/config.xml On 9 Dec 2015 22:50, "lowly2005" notifications@github.com wrote:

When I remove the port setting I have this error : upstream port is not defined in config.xml. Is it necessary to specify it? Can I remove the whole section of upstream proxy from the config file ?

— Reply to this email directly or view it on GitHub https://github.com/continuumsecurity/bdd-security/issues/39#issuecomment-163405337 .

lowly2005 commented 8 years ago

This is exactly what I have . When chrome driver is started I have a message telling me : enable to use zap proxy ...

iriusrisk commented 8 years ago

Could you post your config.xml? if not here, then send it via email. My gmail address is stephendv

3moorr commented 7 years ago

Any update on solving this issue as the same happening with me and I can't solve the issue based on those answers

stephendv1 commented 7 years ago

Hi @3moorr, this is quite an old issue and the project has undergone some changes since it was first reported. Could you describe how you're using bdd-sec, and post key elements of your config.xml file? ie. the zap and proxy sections