Dave Wichers
Using OWASP Benchmark, I noticed that I have to Spider the app twice to find all the nodes. Here is what I'm doing: 1) Launch the JxBrowser and navigate to:...
@spassarop - I'm seeing the following - do you have access to a Windows box/VM to confirm this failure? And can you then fix it? Hopefully it's just a platform...
First off, THANKS for publishing all this! Super useful. If you have time & interest, would you mind going through your solution files and updating them to match the current...
On this page: https://docs.contrastsecurity.com/installation-javaconfig.html#java-yaml Under Configuration Options / Contrast UI properties are the proxy properties. The indenting for those properties looks wrong to me. If they are wrong, can you...
I find it strange that the Active Scan timer keeps running when a scan is paused for 2 reasons. 1) I don't think it should count/consider time when the scan...
I ran out of memory using ZAP. It kept running but the history wouldn't update, and I was trying to figure out why. I went into the zap log and...
**Describe the bug** I have an openapi spec I'm loading into ZAP, that looks like this for 1 path: ``` /rest/sqli-00/BenchmarkTest00568/send: post: operationId: dopost_568 requestBody: description: Form POST parameters in...
I noticed a whole stream of these errors when running: mvn site. I suspect the actual bug is in FindSecBugs itself, but not sure. Not a big deal, but would...
Using jbom itself as an example, if you run: java -jar target/jbom-1.2.1.jar -f target/jbom-1.2.1.jar and then look at the generated SBOM, I see these null/unknown entries: - [ ] "manufacture"...
I originally reported this here: "CodeQL XSS False Positives and XSS AutoFix incorrect location for defensive encoding" (https://github.com/orgs/community/discussions/122802), but am reporting it here because I was told this is a...