ZAP Docker Documentation

ZAP’s docker images provide an easy way to automate ZAP, especially in a CI/CD environment.

ZAP Docker User Guide - a good place to start if you are new to ZAP's docker images

Baseline Scan - a time limited spider which reports issues found passively

Full Scan - a full spider, optional ajax spider and active scan which reports issues found actively and passively

API Scan - a full scan of an API defined using OpenAPI / Swagger, or GraphQL (post 2.9.0)

Scan Hooks - to make it easy to make little tweaks here and there a hook system is in place to assist you with the packaged scans

Webswing - you can run the ZAP Desktop UI in your browser leveraging Docker and Webswing

Diagnosing Docker Problems - how to resolve problems running ZAP in Docker