secureCodeBox · J12934 · Jun 14, 2025 · Jun 2, 2025 · Jun 2, 2025 · Jun 6, 2025
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
@@ -436,8 +436,6 @@ jobs:
           - trivy-sbom
           - whatweb
           - wpscan
-          - zap
-          - zap-advanced
           - zap-automation-framework
     steps:
       - name: Checkout

diff --git a/.github/workflows/release-build.yaml b/.github/workflows/release-build.yaml
@@ -341,7 +341,6 @@ jobs:
           - trivy-sbom
           - whatweb
           - wpscan
-          - zap
           - zap-automation-framework
 
     steps:
@@ -491,7 +490,6 @@ jobs:
           - git-repo-scanner
           - screenshooter
           - test-scan
-          - zap-advanced
     steps:
       - name: Checkout
         uses: actions/checkout@v4

diff --git a/.github/workflows/scb-bot.yaml b/.github/workflows/scb-bot.yaml
@@ -41,8 +41,6 @@ jobs:
           - trivy-sbom
           - whatweb
           - wpscan
-          - zap
-          - zap-advanced
           - zap-automation-framework
           # missing scanners are : nmap, nikto
     steps:

diff --git a/documentation/docs/11-telemetry.md b/documentation/docs/11-telemetry.md
@@ -14,7 +14,7 @@ The secureCodeBox Operator collects and submits anonymized data to give the deve
 The total number of datapoints collected is extremely small, and they are individually evaluated to ensure that the submitted data is as anonymous as possible.
 
 - Installed version of the secureCodeBox Operator (e.g. `v2.0.0`)
-- List of installed ScanTypes across all kubernetes Namespaces: (e.g. `['nmap', 'zap-baseline']`). Unofficial ScanTypes are reported as `other`, to avoid submission of confidential data.
+- List of installed ScanTypes across all kubernetes Namespaces: (e.g. `['nmap', 'zap-automation-framework']`). Unofficial ScanTypes are reported as `other`, to avoid submission of confidential data.
 
 ## Collection Interval
 

diff --git a/documentation/docs/api/crds/cascading-rule.md b/documentation/docs/api/crds/cascading-rule.md
@@ -52,29 +52,20 @@ This helper object has the following attributes:
 apiVersion: "cascading.securecodebox.io/v1"
 kind: CascadingRule
 metadata:
-  name: "zap-http"
+  name: "nmap-hostscan"
   labels:
     securecodebox.io/invasive: non-invasive
-    securecodebox.io/intensive: medium
+    securecodebox.io/intensive: light
 spec:
   matches:
     anyOf:
-      - category: "Open Port"
-        attributes:
-          service: http
-          state: open
-      - category: "Open Port"
-        attributes:
-          service: https
-          state: open
-  scanLabels:
-    mynewlabel: {{ metadata.name }}
-  scanAnnotations:
-    defectdojo.securecodebox.io/product-name: "{{$.hostOrIP}}"
-    defectdojo.securecodebox.io/product-type-name: "{{metadata.labels.organization}}"
-    defectdojo.securecodebox.io/engagement-name: "{{metadata.name}}"
-    mynewannotation: "{{category}}"
+      - category: "Subdomain"
+        osi_layer: "NETWORK"
   scanSpec:
-    scanType: "zap-baseline"
-    parameters: ["-t", "{{attributes.service}}://{{$.hostOrIP}}"]
+    scanType: "nmap"
+    parameters:
+      # Treat all hosts as online -- skip host discovery
+      - "-Pn"
+      # Target Port of the finding
+      - "{{location}}"
 ```
diff --git a/documentation/docs/api/crds/parse-definition.md b/documentation/docs/api/crds/parse-definition.md
@@ -85,21 +85,22 @@ resources:
 apiVersion: execution.securecodebox.io/v1
 kind: ParseDefinition
 metadata:
-  name: zap-json
+  name: zap-xml
 spec:
-  image: docker.io/securecodebox/parser-zap
+  affinity:
+    foo: bar
+  env: []
+  image: docker.io/securecodebox/parser-zap-automation-framework:0.0.0
+  imagePullPolicy: IfNotPresent
   imagePullSecrets:
-    - name: dockerhub-token
-  ttlSecondsAfterFinished: 60
-  scopeLimiterAliases:
-    domain: "{{attributes.host}}"
+    - name: foo
   resources:
-    requests:
-      cpu: 42mi
-      memory: 256Mi
-    limits:
-      cpu: 4
-      memory: 4Gi
+    foo: bar
+  scopeLimiterAliases:
+    foo: bar
+  tolerations:
+    - foo: bar
+  ttlSecondsAfterFinished: null
 ```
 
 The Parse definition is different when integrating a new scanner. We use specific conventions when adding new ParseDefinitions to the secureCodeBox repository.

diff --git a/documentation/docs/architecture/06_runtime_view.md b/documentation/docs/architecture/06_runtime_view.md
@@ -15,7 +15,7 @@ Since sequence diagrams are hard to maintain and tend to be very complicated we
 
 ## Runtime Scenario 1: Basic Scan with kubectl {#__runtime_scenario_1}
 
-This scenario describes a simple [ZAP](/docs/scanners/zap) scan which is initialized by a _Developer_ actor and which persists the _findings_ in [Elastic][elastic] and [DefectDojo][defectdojo]. 
+This scenario describes a simple [ZAP](/docs/scanners/zap-automation-framework) scan which is initialized by a _Developer_ actor and which persists the _findings_ in [Elastic][elastic] and [DefectDojo][defectdojo]. 
 
 ![Runtime view diagram](/img/docs/architecture/runtime-basic-scan-via-kubectl.png)
 

diff --git a/documentation/docs/auto-discovery/installation.md b/documentation/docs/auto-discovery/installation.md
@@ -65,6 +65,6 @@ You should now see a ZAP Automation Framework [ScheduledScan](/docs/api/crds/sch
 
 ```bash
 $ kubectl get scheduledscans.execution.securecodebox.io
-NAME                                                             TYPE                INTERVAL   FINDINGS
-juice-shop-service-port-3000                                     zap-automation-framework   168h0m0s   5
+NAME                                                    TYPE                       INTERVAL   FINDINGS
+juice-shop-service-port-3000                            zap-automation-framework   168h0m0s   5
 ```
diff --git a/documentation/docs/contributing/integrating-a-scanner/makefile.md b/documentation/docs/contributing/integrating-a-scanner/makefile.md
@@ -77,45 +77,3 @@ deploy-test-deps:
 ```
 
 Furthermore, it overrides the deploy-test-deps target such that juice-shop is installed in the correct namespace (nmap-tests).
-
-### Reusing components from other scanners
-
-```makefile
-#!/usr/bin/make -f
-
-include_guard = set
-scanner = zap-advanced
-custom_scanner = set
-
-include ../../scanners.mk
-
-unit-tests:
-	@$(MAKE) -s unit-test-py
-
-unit-tests-parser:
-	$(MAKE) -s -f ../../scanners.mk unit-tests-parser include_guard=set scanner=zap
-
-install-deps:
-	cd ../zap/ && $(MAKE) -s install-deps
-
-docker-build-parser:
-	cd ../zap/ && $(MAKE) -s docker-build-parser
-
-docker-export-parser:
-	cd ../zap/ && $(MAKE) -s docker-export-parser
-
-kind-import-parser:
-	cd ../zap/ && $(MAKE) -s kind-import-parser
-
-deploy-with-scanner:
-	@echo ".: 💾 Deploying custom '$(scanner)' scanner HelmChart with the docker tag '$(IMG_TAG)' into kind namespace 'integration-tests'."
-	helm -n integration-tests upgrade --install $(scanner) ./ --wait \
-		--set="parser.image.repository=docker.io/$(IMG_NS)/$(parser-prefix)-zap" \
-		--set="parser.image.tag=$(IMG_TAG)" \
-		--set="scanner.image.repository=docker.io/$(IMG_NS)/$(scanner-prefix)-$(scanner)" \
-		--set="scanner.image.tag=$(IMG_TAG)"
-
-deploy-test-deps: deploy-test-dep-nginx deploy-test-dep-bodgeit deploy-test-dep-juiceshop deploy-test-dep-petstore
-```
-
-Zap-advanced reuses the parser container from zap scanner, thus in the makefile, we overwrite the targets for parser build so that they reference the makefile from zap.
diff --git a/documentation/docs/getting-started/installation.md b/documentation/docs/getting-started/installation.md
@@ -129,7 +129,7 @@ helm upgrade --install ssh-audit oci://ghcr.io/securecodebox/helm/ssh-audit
 helm upgrade --install sslyze oci://ghcr.io/securecodebox/helm/sslyze
 helm upgrade --install trivy oci://ghcr.io/securecodebox/helm/trivy
 helm upgrade --install wpscan oci://ghcr.io/securecodebox/helm/wpscan
-helm upgrade --install zap oci://ghcr.io/securecodebox/helm/zap
+helm upgrade --install zap-automation-framework oci://ghcr.io/securecodebox/helm/zap-automation-framework
 ```
 
 ## Install some demo targets

diff --git a/documentation/docs/getting-started/upgrading.md b/documentation/docs/getting-started/upgrading.md
@@ -16,7 +16,8 @@ sidebar_position: 3
 
 * `typo3scan` was removed as the scanner itself [isn't maintaned anymore](https://github.com/whoot/Typo3Scan?tab=readme-ov-file#unsupported). Most security aspects of typo3 are now hard to verify from the outside as it requires authentication (which is really good). Some typo3 security aspects (e.g. a incomplete installation) can be verified by [nuclei](https://www.securecodebox.io/docs/scanners/nuclei).
 * `kubeaudit` was removed as the scanner itself [isn't maintaned anymore](https://github.com/Shopify/kubeaudit?tab=readme-ov-file#-deprecation-notice-). As a replacement you can use the `trivy` with it's `k8s` scanning mode, see [trivy ScanType k8s example](https://www.securecodebox.io/docs/scanners/trivy#k8s).
-* `doggo` was removed. Doggo was added primarily as an experimentation to be used to deduplicate duplicate scan target from cascading rules based on DNS entries. That approach hasn't worked out unfortunately. The doggo integration has been non-functional for a while (see: https://github.com/secureCodeBox/secureCodeBox/issues/2853). As a alternative, nuclei already includes some DNS record based checks, if checks for specific records are required custom nuclei rules could be used to fulfil those requirements.
+* `doggo` was removed. Doggo was added primarily as an experimentation to be used to deduplicate duplicate scan target from cascading rules based on DNS entries. That approach hasn't worked out unfortunately. The doggo integration has been non-functional for a while (see: https://github.com/secureCodeBox/secureCodeBox/issues/2853). As an alternative, nuclei already includes some DNS record based checks, if checks for specific records are required custom nuclei rules could be used to fulfil those requirements.
+*  `zap-baseline-scan` and `zap-advanced` in favor of the `zap-automation-framework`. The `zap-automation-framework` ScanTpye includes all functionalities of the removed ScanTypes and can be customized easily. The default ScanType for the AutoDiscovery has been changed to the `zap-automation-framework` as well. For migrating to the `zap-automation-framework` please refer to [migration to zap-automation framework](/docs/scanners/zap-automation-framework#migration-to-zap-automation-framework) guide.
 
 ➡️  [Reference: #2670](https://github.com/secureCodeBox/secureCodeBox/issues/2670)