Every application which ties to Owasp VulnerableApp-Facade/VulnerableApp has a scanner endpoint that exposes information about VulnerableApplication which will be used by DAST tools like OWASP ZAP.
we already exposed this information in Owasp VulnerableApp: https://github.com/SasanLabs/VulnerableApp/blob/master/src/main/java/org/sasanlabs/controller/VulnerableAppRestController.java#L91
we would like to expose similar information. If you want to look at how it works then start OWASP VulnerableApp-facade application using https://github.com/SasanLabs/VulnerableApp-facade#simple-start and then visit: http://localhost/VulnerableApp/scanner endpoint, you will see the json exposed. we need similar json structure from VulnerableApp-php as well.
Every application which ties to Owasp VulnerableApp-Facade/VulnerableApp has a scanner endpoint that exposes information about VulnerableApplication which will be used by DAST tools like OWASP ZAP.
we already exposed this information in Owasp VulnerableApp: https://github.com/SasanLabs/VulnerableApp/blob/master/src/main/java/org/sasanlabs/controller/VulnerableAppRestController.java#L91
we would like to expose similar information. If you want to look at how it works then start OWASP VulnerableApp-facade application using https://github.com/SasanLabs/VulnerableApp-facade#simple-start and then visit: http://localhost/VulnerableApp/scanner endpoint, you will see the json exposed. we need similar json structure from VulnerableApp-php as well.