Skip to content
This repository has been archived by the owner on May 13, 2024. It is now read-only.

Commit

Permalink
Added notification of archiving (in progress)
Browse files Browse the repository at this point in the history
  • Loading branch information
@erno1978
erno1978 committed Apr 2, 2024
1 parent d2eba66 commit 892061a
Showing 1 changed file with 20 additions and 1 deletion.
21 changes: 20 additions & 1 deletion README.md
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,23 @@
# Automatic Authentication for OWASP ZAP Docker
## 🚨 Repository will be archived🚨

At April 2nd 2024, this repository is marked as "WILL BE ARCHIVED". It will be archived in the coming months and will no longer be maintained anymore.

## Why will this repository be archived?

The purpose of this project was to add the option for authenticated scans mainly (and also to add Blind XSS payloads as a bonus). Meanwhile, ZAP supports this out-of-the-box. Besides that, ZAP is in the process of being updated to use Automation Framework for most of the tasks which changes the way scans are performed.

## What should I do if I'm currently still using zap2docker-weekly?

It's advisable to plan a migration where zap2docker-weekly will be phased out. It's advisable to use ZAP's Automation Framework in the latest version of ZAP to create an Automation Plan and test and use this plan both manually as well as in your CI/CD pipeline. If you have questions about this migration, please see "Get in touch" below, we would like to help! More details about migration will be shared on this page when archiving will be finalized.

## What if I don't migrate?

Probably, you will not notice. But it's very important to note that the base image where zap2docker-weekly is based on will NOT be maintained anymore since March 2024. So the reports being generated by zap2docker-weekly might not be accurate since that date and future changes to the way ZAP works (and vulnerabilities are being scanned an reported) might be missed. So it's NOT advisable

It is (only) a set of scripts to start several open source security tools but since some of them are deprecated or changed and all information in this repository is also available in documentation of the specific tools, there's no reason to keep it alive.

# Automatic Authentication for OWASP ZAP Docker [WILL BE ARCHIVED]

This project adds support to perform authenticated scans using the OWASP ZAP Docker [scanscripts](https://www.zaproxy.org/docs/docker/). These main features are available:

- Automatically or manually filling and completing loginforms.
Expand Down

0 comments on commit 892061a

Please sign in to comment.