Multiple target ZAP Scanning / mzap is a tool for scanning N*N in ZAP.
Concept
Installation
go-get
$ go get -u github.com/hahwul/mzap
snapcraft
$ sudo snap install mzap --devmode
homebrew
$ brew tap hahwul/mzap
$ brew install mzap
Usage
Usage: mzap [command] Available Commands: ajaxspider Add AjaxSpider ZAP ascan Add ActiveScan ZAP help Help about any command spider Add ZAP spider stop Stop Scanning version Show version Flags: --apikey string ZAP API Key / if you disable apikey, not use this option --apis string ZAP API Host(s) address e.g --apis http://localhost:8090,http://192.168.0.4:8090 (default "http://localhost:8090") --config string config file (default is $HOME/.mzap.yaml) -h, --help help for mzap --urls string URL list file / e.g --urls hosts.txt
$ mzap spider --urls sample/target.txt
INFO[0000] Start Prefix=/JSON/spider/action/scan/ Size of Target=17
INFO[0000] Added Target="http://testphp.vulnweb.com/" ZAP API="http://localhost:8090"
INFO[0000] Added Target="http://www.hahwul.com" ZAP API="http://localhost:8090"
Source : KitPloit – PenTest Tools!