-
We use RSyntaxTextArea in ZAP (https://github.com/zaproxy/zaproxy/) - so many thanks :)
The user can set any Java LookAndFeel but we've recently added dark mode support as per https://github.com/zapr…
-
This is the list of tasks underway for the Param Digger add-on for ZAP
- [x] Change output window style for easy access to messages. (https://github.com/zaproxy/zap-extensions/pull/4363)
- [ ] Add …
-
- Site: [https://www.zaproxy.org](https://www.zaproxy.org)
**New Alerts**
- **PII Disclosure** [10062] total: 2:
- [https://www.zaproxy.org/docs/desktop/addons/websockets/pscanrules/](https:…
-
lbasyal@ubuntum1:/usr/local/zaproxy$ ./zap.sh -daemon
Found Java version 19.0.2
Available memory: 3908 MB
Using JVM args: -Xmx977m
365 [main] INFO org.zaproxy.zap.DaemonBootstrap - OWASP ZAP 2.12…
-
- Site: [https://d37uopclgv3e6p.cloudfront.net](https://d37uopclgv3e6p.cloudfront.net)
**New Alerts**
- **Content Security Policy (CSP) Header Not Set** [10038] total: 3:
- [https://d37uopcl…
-
- Site: [https://console.ixcloud.net](https://console.ixcloud.net)
**New Alerts**
- **CSP: Wildcard Directive** [10055] total: 6:
- [https://console.ixcloud.net/logo192.png](https://console.…
-
Using ZAP to scan the demo.testfire.net web site, it doesn't detect some basic SQL injections on the page http://demo.testfire.net/login.jsp
**To Reproduce the SQL injection
Steps to reproduce the…
-
### Describe the bug
Connecting to zaproxy with an api key that is incorrect returns an empty response.
The REST-ful way is to return a 40x HTTP response.
This sends a clearer message back to the…
-
From OWASP ZAP Scripts: https://groups.google.com/d/msg/zaproxy-scripts/slkCdYTN3Rk/oTXhzghIBAAJ
The current SDLC scripts [1] do not work correctly with Python 3.
[1] https://github.com/zaproxy/…
-
ZAP bug: https://github.com/zaproxy/zaproxy/issues/3673 means that we can't enable followRedirects for sendHarRequest.