I am trying to learn BDD Security and want to run it against webgoat application.
While doing so, I noticed that it is scanning out of scope hosts as well.
308476 [Thread-7140] INFO org.parosproxy.paros.core.scanner.HostProcess - Scanning 1 node(s) from https://github.com
308476 [Thread-7140] INFO org.parosproxy.paros.core.scanner.HostProcess - completed host https://github.com in 0s
308476 [Thread-7139] INFO org.parosproxy.paros.core.scanner.Scanner - scanner completed in 0.002s
308977 [ZAP-AttackMode] INFO org.parosproxy.paros.core.scanner.Scanner - scanner started
308978 [Thread-7142] INFO org.parosproxy.paros.core.scanner.HostProcess - Scanning 1 node(s) from http://creativecommons.org
308979 [Thread-7142] INFO org.parosproxy.paros.core.scanner.HostProcess - completed host http://creativecommons.org in 0.001s
308979 [Thread-7141] INFO org.parosproxy.paros.core.scanner.Scanner - scanner completed in 0.002s
308979 [ZAP-AttackMode] INFO org.parosproxy.paros.core.scanner.Scanner - scanner started
308980 [Thread-7144] INFO org.parosproxy.paros.core.scanner.HostProcess - Scanning 1 node(s) from https://github.com
308980 [Thread-7144] INFO org.parosproxy.paros.core.scanner.HostProcess - completed host https://github.com in 0s
308980 [Thread-7143] INFO org.parosproxy.paros.core.scanner.Scanner - scanner completed in 0.001s
308981 [ZAP-AttackMode] INFO org.parosproxy.paros.core.scanner.Scanner - scanner started
308982 [Thread-7146] INFO org.parosproxy.paros.core.scanner.HostProcess - Scanning 1 node(s) from http://www.w3.org
308982 [Thread-7146] INFO org.parosproxy.paros.core.scanner.HostProcess - completed host http://www.w3.org in 0s
308982 [Thread-7145] INFO org.parosproxy.paros.core.scanner.Scanner - scanner completed in 0.001s
308982 [ZAP-AttackMode] INFO org.parosproxy.paros.core.scanner.Scanner - scanner started
308984 [Thread-7148] INFO org.parosproxy.paros.core.scanner.HostProcess - Scanning 1 node(s) from http://www.w3.org
308984 [Thread-7148] INFO org.parosproxy.paros.core.scanner.HostProcess - completed host http://www.w3.org in 0s
308984 [Thread-7147] INFO org.parosproxy.paros.core.scanner.Scanner - scanner completed in 0.002s
308984 [ZAP-AttackMode] INFO org.parosproxy.paros.core.scanner.Scanner - scanner started
308985 [Thread-7150] INFO org.parosproxy.paros.core.scanner.HostProcess - Scanning 1 node(s) from https://v4-alpha.getbootstrap.com
308985 [Thread-7150] INFO org.parosproxy.paros.core.scanner.HostProcess - completed host https://v4-alpha.getbootstrap.com in 0s
308985 [Thread-7149] INFO org.parosproxy.paros.core.scanner.Scanner - scanner completed in 0.001s
308986 [ZAP-AttackMode] INFO org.parosproxy.paros.core.scanner.Scanner - scanner started
308987 [Thread-7152] INFO org.parosproxy.paros.core.scanner.HostProcess - Scanning 1 node(s) from https://v4-alpha.getbootstrap.com
308988 [Thread-7152] INFO org.parosproxy.paros.core.scanner.HostProcess - completed host https://v4-alpha.getbootstrap.com in 0.001s
308988 [Thread-7151] INFO org.parosproxy.paros.core.scanner.Scanner - scanner completed in 0.002s
Hello,
I am trying to learn BDD Security and want to run it against webgoat application.
While doing so, I noticed that it is scanning out of scope hosts as well.
Is this an expected behaviour or a bug ?