Rick M
It looks like Azure has the necessary API endpoints for grabbing NAT details: https://docs.microsoft.com/en-us/azure/virtual-machines/windows/instance-metadata-service#the-following-network-categories-are-available-through-the-instance-api Would it be possible to add something like: https://github.com/jitsi/ice4j/blob/master/src/main/java/org/ice4j/ice/harvest/AwsCandidateHarvester.java for Azure?
Per discussion (https://github.com/OWASP/wstg/pull/952/files) and reading of the clickjacking content. - Remove browser support tables. - Be consistent in use of quotes or code fencing on key terms.
I think we should add some domain lookup (ala amass etc) and cert transparency harvesting details to the guide. I'm thinking of adding this to a new section like 4.1.11...
See discussion on this PR: https://github.com/OWASP/wstg/pull/634
- ascan > In policy and progress dialogs display class name if rule name is blank. - pscan > Options panel, display class name if rule name is blank. Screenshots:...
### Is your feature request related to a problem? Please describe. It would be nice if ZAP had a scan rule to passively check content for leaks of "secrets". This...
Similar to the existing various kinds of scripts ZAP supports it may be logical for a type of Spider script to be supported so that users and the community can...
As discussed via email. Based on previous PRs: #3638, #6194, #6232, and #6245. Signed-off-by: kingthorin
(Using diff highlighting below to illustrate coverage) Before: ```diff + http://demo.testfire.net - Yes (Analyser ran) - GET:/ - No (Analyzer didn't run) + images - Yes (Analyser ran) - GET:gradient.jpg...