-
```
It will be good for scripts to gracefully rollback changes in database and
then exit on some per-process and per-system events: SIG_BREAK, system
shutdown etc. For example, during system shutdown …
-
```
I'd like ZAP to be able to perform security regression tests on web
applications.
Setting up a test would go something like this:
* Explore the app using a browser proxying through ZAP
* Run the …
-
```
What steps will reproduce the problem?
1. unstable on win 7 64x
2. program freezes on shut down
3. ability to add target by entering url in spider would be great too without a
proxy... jus sayin …
-
```
When shares with same file tree are detected their next_scan time should be
altered making next scanning of these shares to be done in almost the same
time. This may increase probability of keepin…
-
```
I wanted to run a spider on my full site, but the application froze before
ending.
The site contains at least 500 pages. and on each pages, their are at least 10
URLs (Page URL + Get parameters)…
-
```
I have tested ZAP 2.0.0/Win7 on http://demo.testfire.net/bank/login.aspx and
found the active scan was unable to spot trivial SQL injection patterns.
When the tool submits SQL injection attacks,…
-
Right now all bots are grouped together into a single X-UA-Device of 'bot'. But Google, for example, has bots that are specifically used for crawling mobile sites. See:
https://developers.google.co…
-
```
Enhancement request to import ModSecurity logs, as per
https://github.com/SpiderLabs/ModSecurity/wiki/ModSecurity-2-Data-Formats
So ZAP should load data from such logs into the Sites tree and pa…
-
```
I would like to see a "scope" option that can be used for filtering etc.
The idea is to have an option "add to scope" when you right-click a host/URL in
the Sites-tab and have "use only in-scope…
-
```
What steps will reproduce the problem?
1. Active Scan any website with GET parameter vulnerabilities
What is the expected output? What do you see instead?
Attacked an URL of the type:
GET getfile…