1. Go to this page and download the library: Download zaproxy/php-owasp-zap-v2 library. Choose the download type require.
2. Extract the ZIP file and open the index.php.
3. Add this code to the index.php.
<?php
require_once('vendor/autoload.php');
/* Start to develop here. Best regards https://php-download.com/ */
zaproxy / php-owasp-zap-v2 example snippets
key = "YOUR_API_KEY";
$target = "http://target.example.com/";
$zap = new Zap\Zapv2('tcp://localhost:8090');
$version = @$zap->core->version();
if (is_null($version)) {
echo "PHP API error\n";
exit();
} else {
echo "version: ${version}\n";
}
echo "Spidering target ${target}\n";
// Response JSON looks like {"scan":"1"}
$scan_id = $zap->spider->scan($target, null, null, null, $api_key);
$count = 0;
while (true) {
if ($count > 10) exit();
// Response JSON looks like {"status":"50"}
$progress = intval($zap->spider->status($scan_id));
printf("Spider progress %d\n", $progress);
if ($progress >= 100) break;
sleep(2);
$count++;
}
echo "Spider completed\n";
// Give the passive scanner a chance to finish
sleep(5);
echo "Scanning target ${target}\n";
// Response JSON for error looks like {"code":"url_not_found", "message":"URL is not found"}
$scan_id = $zap->ascan->scan($target, null, null, null, null, null, $api_key);
$count = 0;
while (true) {
if ($count > 10) exit();
$progress = intval($zap->ascan->status($scan_id));
printf("Scan progress %d\n", $progress);
if ($progress >= 100) break;
sleep(2);
$count++;
}
echo "Scan completed\n";
// Report the results
echo "Hosts: " . implode(",", $zap->core->hosts()) . "\n";
$alerts = $zap->core->alerts($target, "", "");
echo "Alerts (" . count($alerts) . "):\n";
print_r($alerts);