Karan Preet Singh Sasan
**Is your feature request related to a problem? Please describe.** Currently, we only handle JWTs signed using HMAC or RSA, but we have not handled the JWTs signed by Elliptic...
**Is your feature request related to a problem? Please describe.** The scan rules present at https://github.com/SasanLabs/owasp-zap-jwt-addon/tree/master/src/main/java/org/zaproxy/zap/extension/jwt/attacks do not have the header param injections mentioned at https://portswigger.net/web-security/jwt. There are few other attacks...
**Is your feature request related to a problem? Please describe.** We are currently only handling JWS, but we have not handled JWE, so under this enhancement we are looking to...
**Is your feature request related to a problem? Please describe.** As JWTs should not be very long-lived because of the revocation issue, an alert of low priority can be...
**Is your feature request related to a problem? Please describe.** Scanners cannot add all the types of payloads into their execution, but in case the user wants custom payloads/additional...
**Is your feature request related to a problem? Please describe.** Currently I forget to check in/update the changelog file and merge the PR, and it is not right. So we can...
This issue is to track the inconsistency between truststore input and private key input. Truststore takes input in PKCS12 format and private key input is a PEM file. Truststore input requires...
Currently, when we open a vulnerability dropdown, it will remain open when we open another dropdown. We are looking for behavior where if we open another Vulnerability dropdown, then the...
**Is your feature request related to a problem? Please describe.** If we read about the goals of VulnerableApp/VulnerableApp-Facade, this application is built to help scanners like DAST and SAST in...
**Describe the bug** Currently, if we upload a file of size more than 2.5 MB in the unrestricted file upload vulnerability, we will see the `413 Request Entity Too Large` error...