必要なポリシーのみマウントする

EC-CUBE · Feb 3, 2022 · f55c4c2 · f55c4c2
1 parent 772d7fd
commit f55c4c2
Show file tree

Hide file tree

Showing 2 changed files with 82 additions and 0 deletions.
diff --git a/docker-compose.owaspzap.yml b/docker-compose.owaspzap.yml
@@ -7,6 +7,7 @@ services:
     command: bash -c "zap.sh -cmd -addonupdate -addoninstall help_ja_JP -addoninstall wappalyzer -addoninstall sequence -addonuninstall hud -configfile /zap/wrk/options.properties -certpubdump /zap/wrk/owasp_zap_root_ca.cer && zap-webswing.sh"
     # 詳細スキャンしたい場合はこちらを使用する command: bash -c "zap.sh -cmd -addonupdate -addoninstall help_ja_JP -addoninstall wappalyzer -addoninstall ascanrulesAlpha -addoninstall ascanrulesBeta -addoninstall sqliplugin -addoninstall sequence -addonuninstall hud -configfile /zap/wrk/options.properties -certpubdump /zap/wrk/owasp_zap_root_ca.cer && zap-webswing.sh"
     volumes:
+      - ./zap/policies:/home/zap/.ZAP/policies/
       - ./zap:/zap/wrk/
     ports:
       - "8081:8080"

diff --git a/zap/policies/Default Policy.policy b/zap/policies/Default Policy.policy
@@ -0,0 +1,81 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<configuration>
+    <policy>Default Policy</policy>
+    <scanner>
+        <level>MEDIUM</level>
+        <strength>MEDIUM</strength>
+    </scanner>
+    <plugins>
+        <p6>
+            <enabled>true</enabled>
+        </p6>
+        <p7>
+            <enabled>true</enabled>
+        </p7>
+        <p10045>
+            <enabled>true</enabled>
+        </p10045>
+        <p20019>
+            <enabled>true</enabled>
+        </p20019>
+        <p40009>
+            <enabled>true</enabled>
+        </p40009>
+        <p40012>
+            <enabled>true</enabled>
+        </p40012>
+        <p40014>
+            <enabled>true</enabled>
+        </p40014>
+        <p40018>
+            <enabled>true</enabled>
+        </p40018>
+        <p90019>
+            <enabled>true</enabled>
+        </p90019>
+        <p90020>
+            <enabled>true</enabled>
+        </p90020>
+        <p0>
+            <enabled>true</enabled>
+        </p0>
+        <p30001>
+            <enabled>true</enabled>
+        </p30001>
+        <p30002>
+            <enabled>true</enabled>
+        </p30002>
+        <p40003>
+            <enabled>true</enabled>
+        </p40003>
+        <p40008>
+            <enabled>true</enabled>
+        </p40008>
+        <p40028>
+            <enabled>true</enabled>
+        </p40028>
+        <p40032>
+            <enabled>true</enabled>
+        </p40032>
+        <p40016>
+            <enabled>true</enabled>
+        </p40016>
+        <p40017>
+            <enabled>true</enabled>
+        </p40017>
+        <p50000>
+            <enabled>true</enabled>
+        </p50000>
+        <p40026>
+            <enabled>true</enabled>
+        </p40026>
+        <p90026>
+            <enabled>false</enabled>
+            <level>OFF</level>
+        </p90026>
+        <p90029>
+            <enabled>false</enabled>
+            <level>OFF</level>
+        </p90029>
+    </plugins>
+</configuration>