This screen allows you to configure the active scan options:
The maximum number of hosts that will be scanned at the same time. Increasing this may put extra strain on the computer ZAP is running on.
The number of threads the scanner will use per host.
Increasing the number of threads will speed up the scan but may put extra strain on the computer ZAP is running on and the target host.
The number of results that will be shown in the Active Scan tab.
Displaying a large number of results can significantly increase the time a scan takes.
The maximum time any individual rule can run for, in minutes. Zero means no limit. This can be used to stop a rule that is taking an excessive amount of time from holding up the rest of the scan.
The maximum number of alerts any rule can raise during the active scan. Scan rules that reach this value are skipped for the remainder of the scan.
Note: The maximum might be exceeded slightly because requests run on several threads at once.
The maximum time that the whole scan can run for in minutes. Zero means no limit. This can be used to ensure that a scan is completed around a set time.
The delay in milliseconds between each request.
Setting this to a non zero value will increase the time an active scan takes, but will put less of a strain on the target host.
Note: This option has been deprecated and will be removed in a future release. Use the Network > Rate Limit option instead. Rate Limit enforces the rate at which requests are sent, whereas Delay When Scanning only inserts a pause between each thread's requests and so does not cap the overall request rate.
If this option is selected, the active scanner will inject the request header X-ZAP-Scan-ID, carrying the ID of the scan rule that is sending the HTTP request, into every request it sends. This lets the target's administrators attribute each scan request in their logs to the rule that caused it.
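The header described above is the hook for that attribution. The following script, added here as an example and not part of ZAP or the original page, parses raw HTTP requests captured on the target side, extracts X-ZAP-Scan-ID and groups request lines by rule ID, so a 500 in the application log can be traced back to the rule that triggered it. The sample requests, host name, paths and rule IDs are constructed for illustration only; requests without the header are reported under None, since they did not come from an active scan rule.

```python
"""Attribute captured HTTP requests to ZAP active scan rules via X-ZAP-Scan-ID.

Added example, not ZAP's own code. SAMPLE_REQUESTS, the host name, the paths
and the rule IDs are constructed for illustration.
"""
from collections import defaultdict

HEADER = "x-zap-scan-id"  # header names are case-insensitive; compare lowercased

# Constructed sample: raw HTTP/1.1 requests as a target-side capture might hold them.
SAMPLE_REQUESTS = [
    b"GET /search?q=a'%20OR%201=1-- HTTP/1.1\r\nHost: target.example\r\nX-ZAP-Scan-ID: 40018\r\n\r\n",
    b"GET /search?q=<script>alert(1)</script> HTTP/1.1\r\nHost: target.example\r\nX-ZAP-Scan-ID: 40012\r\n\r\n",
    b"POST /login HTTP/1.1\r\nHost: target.example\r\nX-ZAP-Scan-ID: 40018\r\nContent-Length: 9\r\n\r\nuser=a&p=",
    b"GET /healthz HTTP/1.1\r\nHost: target.example\r\n\r\n",  # no header: not sent by a scan rule
]


def parse_request(raw: bytes):
    """Return (request line, {lowercased header name: value}) for a raw HTTP/1.x request."""
    head, _, _body = raw.partition(b"\r\n\r\n")
    lines = head.decode("iso-8859-1").split("\r\n")
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return lines[0], headers


def scan_id_of(raw: bytes):
    """Return the scan rule ID from X-ZAP-Scan-ID, or None if absent or not numeric."""
    _, headers = parse_request(raw)
    value = headers.get(HEADER)
    if value is None or not value.isdigit():
        return None
    return int(value)


def group_by_scan_id(requests):
    """Map scan rule ID (None for non-scanner traffic) to the request lines it sent."""
    groups = defaultdict(list)
    for raw in requests:
        request_line, _ = parse_request(raw)
        groups[scan_id_of(raw)].append(request_line)
    return dict(groups)


if __name__ == "__main__":
    for scan_id, request_lines in group_by_scan_id(SAMPLE_REQUESTS).items():
        label = f"rule {scan_id}" if scan_id is not None else "not from active scan"
        print(f"{label}: {len(request_lines)} request(s)")
        for line in request_lines:
            print("   ", line)
```

On a real engagement the same grouping can be run over the target's access log instead of raw captures, provided the log format records request headers; the header only appears on requests sent by scan rules, so spider and manual traffic will land in the None bucket.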
If this option is selected then the active scanner will attempt to automatically request anti CSRF tokens when required.
Previously this would have forced the scanner to use only one thread, but that is no longer the case. If more than one thread is used, you are strongly recommended to verify that the anti CSRF tokens are being generated and accepted correctly, for example by using custom tags to check for success and failure patterns in the responses.
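The check recommended above can also be scripted outside ZAP. The following example, added here and not part of ZAP or the original page, walks a captured request/response trace in send order, records every anti-CSRF token issued in a fetched form, and flags POSTs that submit a token which was never fetched, was already consumed, or was rejected by a failure pattern in the response (the same kind of regex a custom tag would use). The trace, token field name, paths and failure pattern are constructed assumptions; the single-use rule is a parameter because applications with per-session tokens legitimately reuse them.

```python
"""Audit anti-CSRF token handling in an active scan trace.

Added example, not ZAP's own code. TRACE, the csrf_token field name, the
paths and the failure pattern are constructed for illustration.
"""
import re

TOKEN_IN_FORM = re.compile(r'name="csrf_token"\s+value="(?P<tok>[0-9a-f]+)"')
TOKEN_IN_BODY = re.compile(r"(?:^|&)csrf_token=(?P<tok>[0-9a-f]+)")
# Equivalent of a "failure pattern" custom tag on the response body.
FAILURE = re.compile(r"invalid csrf token|token mismatch", re.I)

# Constructed trace: (method, path, request body, response body) in send order.
TRACE = [
    ("GET", "/profile", "", '<form><input name="csrf_token" value="a1b2"></form>'),
    ("POST", "/profile", "name=x&csrf_token=a1b2", "Profile updated"),
    ("POST", "/profile", "name=y&csrf_token=a1b2", "Error: invalid CSRF token"),  # reused by another thread
    ("GET", "/profile", "", '<form><input name="csrf_token" value="c3d4"></form>'),
    ("POST", "/profile", "name=z&csrf_token=c3d4", "Profile updated"),
    ("POST", "/profile", "name=w&csrf_token=ffff", "Error: invalid CSRF token"),  # never fetched
]


def audit_csrf_handling(trace, single_use=True):
    """Return (index, path, reason, server_rejected) for each suspicious POST.

    single_use=True models per-request tokens (each fetched token may be
    submitted once); single_use=False models per-session tokens.
    """
    issued = set()   # tokens seen in fetched forms and still valid to submit
    used = set()     # tokens already submitted at least once
    findings = []
    for i, (method, path, req_body, resp_body) in enumerate(trace):
        for m in TOKEN_IN_FORM.finditer(resp_body):
            issued.add(m.group("tok"))
        if method != "POST":
            continue
        m = TOKEN_IN_BODY.search(req_body)
        tok = m.group("tok") if m else None
        rejected = bool(FAILURE.search(resp_body))
        if tok is None:
            reason = "no token submitted"
        elif single_use and tok in used:
            reason = "token reused"
        elif tok not in issued:
            reason = "token never fetched"
        else:
            reason = None
        if tok is not None:
            used.add(tok)
            if single_use:
                issued.discard(tok)  # consumed; a fresh fetch is needed before the next POST
        if reason or rejected:
            findings.append((i, path, reason or "server rejected token", rejected))
    return findings


if __name__ == "__main__":
    for index, path, reason, rejected in audit_csrf_handling(TRACE):
        print(f"request {index} to {path}: {reason}" + (" (rejected by server)" if rejected else ""))
```

A trace that is clean with one thread but produces "token reused" or "server rejected token" findings with several threads is the signature of tokens being fetched by one thread and consumed by another; in that case either reduce the threads per host for the affected site or tune the pattern until the failures are visible in ZAP itself.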
If this option is selected then when you select Attack mode you will be prompted to choose whether to rescan nodes in scope.
If the option is not selected then the following option will control whether the nodes are rescanned.
If this option is selected then when running in Attack mode all nodes in scope will be rescanned if the scope changes.
This is not recommended for large sites as it could take a long time.
The Scan Policy that is used by default when you start an active scan.
The Scan Policy that is used for scanning in Attack mode.
The maximum time in minutes for which response codes will be charted in the Scan Progress dialog.
To disable the chart the option should be set to zero minutes.
See also:
UI Overview, for an overview of the user interface
Options dialogs, for details of the other Options dialog screens