-
Delighted to see this - its something I'd like to have done myself but have never had the time ;)
I've just referenced it on the ZAP Dev group: https://groups.google.com/d/msg/zaproxy-develop/IFXWbmRc…
-
Since ZAP vulnerability scans can generate a lot of issues, it might be nice to be able to e.g. ignore any LOW or INFO vulnerabilities. (so that issues are not created)
e.g.
```yaml
jobs:
zap_…
-
It occurred to me the other day that there are some good tools for doing graphs/webs in JS (ex: d3js) and that perhaps someone could implement a HUD'ified version of Call Graph (https://github.com/zap…
-
```
Support multiple databases, eg using an ORM library like Hibernate.
Suggested via the dev group:
https://groups.google.com/d/topic/zaproxy-develop/7HKkTKxDuAs/discussion
```
Original issue rep…
-
How does this differ from our 'official' installer?
Be very happy for you to merge your changes in if they are beneficial to everyone.
In any case I've linked to this project from https://code.google.…
-
```
Watcher is an open source passive scanner: http://websecuritytool.codeplex.com/
It includes loads of useful checks, and has some very useful test pages:
http://www.nottrusted.com/watcher/
It wou…
-
ZAP baseline provides [hooks](https://github.com/zaproxy/zaproxy/wiki/ZAP-Baseline-Scan#scan-hooks) to perform an authenticated scan. It would be good to have an example on how to configure it.
-
Hi,
I am getting some XSS Reflected and persistent alerts generated when a .xls or .pdf file contains unsantised XSS injection strings. I do not want to add an alert filter because it is an .asp p…
-
```
The current handling of OData filter expression is very basic ( ).
This must be improved to handle more cases:
-
- OData functions
- more types (date, ...)
Ref:
VariantODataFilter…
-
### Describe the bug
Hello, I work on Kali, so the package was recently updated from 2.12.0 to 2.13.0
Since this update, I have a very high CPU usage when browsing some websites, it lasts for a …