Почему [INFO] показывает найденные проблемы: 0, а в отчете указано иное?Просто чтобы быть уверенным, что я перезапустил zap-прокси, а также изменил ключ API и запустил все в Docker.
А вот вывод из консоли:
gauntlt@724fe0361390:/working$ zap-cli --api-key=123 shutdown
[INFO] Shutting down ZAP daemon
gauntlt@724fe0361390:/working$ zap-cli --api-key=123 status
[ERROR] ZAP is not running
gauntlt@724fe0361390:/working$ zap-cli start -o '-config api.key=123'
[INFO] Starting ZAP daemon
gauntlt@724fe0361390:/working$ zap-cli --api-key=123 status
[INFO] ZAP is running
gauntlt@724fe0361390:/working$ zap-cli --api-key=123 report -o /working/output/report.md -f md; cat output/report.md
[INFO] Report saved to "/working/output/report.md"
# ZAP Scanning Report
## Summary of Alerts
| Risk Level | Number of Alerts |
| --- | --- |
| High | 0 |
| Medium | 0 |
| Low | 0 |
| Informational | 0 |
## Alert Detail
gauntlt@724fe0361390:/working$ zap-cli --api-key=123 quick-scan -o '-config scanner.attackOnStart=true -config view.mode=attack -config connection.dnsTtlSuccessfulQueries=-1 -config api.addrs.addr.name=.* -config api.addrs.addr.regex=true' -s xss,sqli --spider --recursive http://127.0.0.1:9009
[INFO] Running a quick scan for http://127.0.0.1:9009
[INFO] Issues found: 0
gauntlt@724fe0361390:/working$ zap-cli --api-key=123 report -o /working/output/report.md -f md; head output/report.md [INFO] Report saved to "/working/output/report.md"
# ZAP Scanning Report
## Summary of Alerts
| Risk Level | Number of Alerts |
| --- | --- |
gauntlt@724fe0361390:/working$ zap-cli --api-key=123 report -o /working/output/report.md -f md; head -20 output/report.md
[INFO] Report saved to "/working/output/report.md"
# ZAP Scanning Report
## Summary of Alerts
| Risk Level | Number of Alerts |
| --- | --- |
| High | 0 |
| Medium | 1 |
| Low | 3 |
| Informational | 0 |