I'm trying to run some scans in #zaproxy. I've loaded in my swagger API definition, but ZAP's active scan only does GET requests and never POST or PATCH or any other action I've defined, though they're all listed in the site tree. Is there a way to scan those methods too?
I have some ideas for the @zaproxy Form Handler add-on. So, why not tackle some SAST findings first? (Gave me a reason to start reading and familiarizing myself with the code 😉 Plus helps the project.)
#owasp #zaproxy #development #opensource
How to configure ZAP to handle difficult authentication use cases: https://www.zaproxy.org/blog/2023-02-01-authenticating-using-selenium/
#zaproxy #owasp #dast
Having problems configuring ZAP to handle authentication?
Help is on its way: https://www.zaproxy.org/blog/2023-01-19-authentication-help/ #owasp #zaproxy
I’m adding Jump To functionality for @zaproxy’s history table: https://github.com/zaproxy/zaproxy/pull/7675
#OWASP #OpenSource #RedTeam #PenTest #PenetrationTesting #BugBountyTip #zaproxy
My talk from @DevOpsDaysTLV has now been published: https://www.youtube.com/watch?v=4WH39UePBto&list=PL8tivQAdoavNHBVaiDiadxLiVtdH7xPJH&index=27
#zaproxy #OpenSource #AppSec
Do you find ZAP useful?
You can show your appreciation by just starring the main repo: https://github.com/zaproxy/zaproxy
Every star counts ⭐
#owasp #zaproxy #appsec
All of the #owasp #zaproxy core team are now on Mastodon!
See https://www.zaproxy.org/docs/team/
My @hacktoberfest tree has been planted 😁
#opensource #owasp #zaproxy #hacktoberfest
I did a thing:
Last week version 1.0.0 of the @zaproxy Encode/Decode/Hash add-on was released with a bunch of work I completed.
https://github.com/zaproxy/zap-extensions/releases/tag/encoder-v1.0.0
#zaproxy #AppSec #WebAppSec #RedTeam #PurpleTeam #OWASP #BugBountyTips #PenTesting
RT @zaproxy@twitter.com
Version 1.0.0 of the Encode/Decode/Hash add-on was released earlier today with a bunch of work from @kingthorin_rm@twitter.com. Thanks!!!!
#zaproxy #AppSec #WebAppSec #RedTeam #PurpleTeam #OWASP #BugBountyTips #PenTesting
https://github.com/zaproxy/zap-extensions/releases/tag/encoder-v1.0.0
Arg!!
It's Monday, time for the @zaproxy weekly build..
xvfb is seg faulting on debian:unstable-slim 😞
Why are we using `unstable` again?
Let's try with `stable` ... and xvfb works 😀
Great, we can now build the @zaproxy weekly build..
Except that debian:stable only directly supports firefox-esr .. which will not work with the latest webdrivers.
So now we have to install #firefox directly..
Anyway, that's why there is no new #owasp #zaproxy weekly release yet .. how's your week going so far?
Here's what we have been up to with #owasp #zaproxy https://www.zaproxy.org/blog/2022-12-01-zap-updates-2022-november/
Ooops!
Just realised we had not updated the #owasp #zaproxy roadmap in a while!
Looking better now: https://www.zaproxy.org/docs/roadmap/
Cool, you can colorize @zaproxy output using the #neonmarker add-on
Works with tag or arbitrary assignments
#neonmarker #bugbounty #bugbountytips #zaproxy #owasp #appsec
Did you know you can color history items in #zaproxy w/ the Neonmarker add-on? It now supports coloring based on tags as well as arbitrary assignments.
#OWASP #AppSec #WebAppSec #BugBountyTip #RedTeam #PurpleTeam #Pentesting #PenTest