-
Re https://github.com/zaproxy/zap-hud/pull/620
- [ ] zap-hud/src/main/zapHomeFiles/hud/display.js
* Tricky - we are injecting the HTML ZAP returns - this will require significant rework
- [ ] z…
-
Java 9 issues:
- Core:
- [x] Unable to add PKCS#11 certs with Java 9+ (#4147)
- [x] Unable to import ZAP Root CA Cert from PEM file with Java 9+ (#4166)
- [x] Address deprecation in drive…
-
Hello,
I am using Ubuntu 14.04 LTS and trying to make the build targets from build.xml work.
"ant compile" and "ant deploy" worked fine, but before being able to proceed with the subsequent targets …
-
Lately I noticed the following error when bdd-security is running especially against a huge app/site
10802624 [ZAP-ActiveScanner-1] WARN org.zaproxy.zap.extension.ascanrules.TestPathTraversal - Erro…
-
### Description
Validation of OpenAPI Spec
### Motivation
Due to problems --> no endpoints were recognised by OWASP ZAP while calling
`docker run --rm -v $(pwd):/zap/wrk:rw -t ghcr.io/zaprox…
ariwk updated
2 weeks ago
-
I have a doubt regarding this script "https://github.com/zaproxy/zaproxy/blob/8b848cd8bfdf6f3d4937d04c60a9dd81faec3fb6/python/scripts/generic-pytest/test_zap.config" does this
1) do the complete scan …
-
### Describe the bug
The ZAP spider provides a parameter spider.handleParameters that when set to USE_ALL makes the spider search for all URLS of a site including/counting both the name and value o…
-
There's an option in the Zap API to `updateAlertsConfidence` for specific alerts. We can change the confidence level to 0 - False Positive. This doesn't change the number of alerts raised, but the spe…
-
```
I understand that the Global exclude URL (Beta) functionality is still in Beta stages
however,
Let's say on a daily basis I am using ZAP on my environment, and I want to exclude
a couple o…
-
Add the necessary input variables to configure the ZAP authentication toggles to perform authenticated scans in your pipeline.
.e.g.
```yaml
zap_scan_cluster:
runs-on: ubuntu-latest
n…