-
# Overview
The ultimate goal is to have the vulnerability scanner function.
## Checklist
- [x] Operation from API
- [ ] Outlier check (special character related) / SQLi / XSS payload addition
- […
-
The scanner can detect reflect/stored XSS attacks that may actually be there, but are actually prevented by CSP. It would be great if it could notify you or reduce the risk if CSP would actually fix …
april updated
8 years ago
-
I've done some digging through the docs and previous issues, and I'm not 100% certain that this isn't already addressed.
Today my Sandstorm server failed a vulnerability scan. The scanning entity f…
-
Dear Sir,
Current version does not install gf, gau, waybackurls Ubuntu Or Kali Linux. It does not show installation path to add API, or other keys for censys, shodan based scripts or tools.
Seco…
-
A computer security standard introduced to prevent cross-site scripting (XSS), clickjacking and other code injection attacks resulting from execution of malicious content in the trusted web page conte…
-
I have 2 PHP pages, one for updating information and for showing information, simple CRUD APP which is vulnerable to STORED XSS. The first page updates information and the information is showed by vie…
-
Hello, i am running the latest version of w3af agains the owasp benchmark (https://www.owasp.org/index.php/Benchmark) but only for XSS. So i only enabled xss audit with console script, like it follows…
-
Vulnerable Library - antisamy-1.5.3.jar
The OWASP AntiSamy project is a collection of APIs for safely allowing users to supply their own HTML
and CSS without exposing the site to XSS vulnera…
-
Running the zap-baseline.py cmd with a custom configuration file generated from -g, result of the execution ignore the rules that was set in the custom config file passed to zap-baseline.py.
**Step…
-
### Describe the bug
ZAP doesn't clear Sites list sometimes after creating new session without persist previous
### Steps to reproduce the behavior
Run ZAP and complete autoscan ain.ua site
Genera…