This is the simplified manual for “Web Application Vulnerability Scanner” from Azure Marketplace.
“Web Application Vulnerability Scanner” is a vulnerability scanner tool for web based applications using Zed Attack Proxy(ZAP).
This tool is on a Azure Virtual Machine.
Access to “Web Application Vulnerability Scanner” and Create.
Network Security Group (NSG) is applied to the NIC on the Azure virtual machines.
The following rules have been added to the NSG inbound security rules:
You should change this NSG settings to only allow connections from where you need it.
If you have created a Public IP address, you permit these connections from all over the Internet by default.
Select your preferred type of operation, GUI with Remote Desktop or CLI with SSH.
* “How to use ZAP” is not included in this document. See this document.
Remote Desktop Connection
Connect with Remote Desktop (RDP) from the client PC.
The Remote Desktop screen appears and a dialog box of “Login to (virtual machine name)” is displayed. Set the following information and click [OK]
Start ZAP application
Double-click [ZAP] on the remote desktop screen.
After selecting any line on the confirmation screen ZAP Session, click [Start] to show an initial screen.
The Add-ons package update confirmation screen may be displayed at the first startup, but add-ons will be updated if necessary.
Select [Options…] in [Tools] menu, you can change your language settings from [Language] in the menu list of Options (you need to restart ZAP).
If you specified “SSH Shared key” as the Authentication type at the time of deployment, you need to log in to virtual machine with ssh and set the password before logging in with the GUI.
(login from ssh) $ sudo passwd $USER New password: <<enter password>> Retype new password: <<re-enter password>> passwd: password updated successfully
Please connect and operate with SSH. To use command line, see this document.
ZAP Path: /usr/local/bin/zap.sh
For the software version of Ubuntu and ZAP, the latest version at the time of registration in Marketplace has already been applied.
Please update Ubuntu and software as necessary.
Can’t connect to virtual machine with Remote Desktop
OS does not start normally / Can’t login to Remote Desktop
2GB or more of OS memory is required to operate the virtual machine normally
Change the Azure Virtual machine to the appropriate size.
Support is available at a charge.
If you wish to support services, please contact below.