ZAP Send to Any tools(+Send to Burp Scanner)

Hi friends?! I shared post the applications settings in ZAP yesterday. I’m going to share some of the settings that I was writing separately today. Let’s get started, my go-to settings :)

ZAP Send to Any tools

Send to Burp Scanner

  • Full Command: /usr/local/bin/curl
  • Parameters: -i -k 127.0.0.1:1337 -X POST -d '{"urls":["%url%"]}' -H 'Content-Type: application/json;'

Add Burp scan via REST API

1
2
3
4
5
6
7
POST /scan HTTP/1.1
Host: 127.0.0.1:1337

{
  "urls":["https://www.hahwul.com"]
}

Send to SQLMap

SQLMAP(GET)

  • Full Command: /usr/local/bin/sqlmap
  • Parameters: --dbs --no-cast --random-agent -u %url% --cookie %cookie%

SQLMAP(POST)

  • Full Command: /usr/local/bin/sqlmap
  • Parameters: --dbs --no-cast --random-agent -u %url% --cookie=%cookie% --data=%postdata%

Send to A2SV

  • Full Command: /usr/local/bin/a2sv
  • Parameters: -t %host% -p %port%

Send to ddp(dotdotpwn)

  • Full Command: /Users/hahwul/HAHWUL/tool/dotdotpwn/dotdotpwn.pl
  • Parameters: -m http-url -h %host% -u %url% -k "root:"

e.g

https://127.0.0.1/lib/file_download.asp?FilePath=TRAVERSAL

Send to Arachni

Add scan to arachni

  • Full Command: /usr/local/bin/arachni-cli
  • Parameters: --output-verbose --scope-include-subdomains %url%

Only xss

  • Full Command: /usr/local/bin/arachni-cli
  • Parameters: %url% --checks=xss*

Send to Arjun

GET

  • Full Command: python3 /app/arjun.py
  • Parameters: -u %url% --get --headers "Cookie: %cookie%"

POST

  • Full Command: python3 /app/arjun.py
  • Parameters: -u %url% --post --headers "Cookie: %cookie%"

My Private Setting?

Secret :P

Licensed under CC BY-NC-SA 4.0
Last updated on Apr 16, 2022 01:26 +0900