Simon Bennetts
Simon Bennetts
I'm kind of resisting extending this to cover all pentesting tools, as it then becomes too unweildy and hard to maintain 😁
Thats how its designed to work. ZAP will crawl the target site, collect the results and then output them in one go. We _could_ stream some info, but all of...
We do actually have that on the command line quick scan - but thats way too restrictive. I'll have a think - this is something we could add to the...
Hum, I actually think this should work. Or at least I'm surprised that it doesnt. FYI if you're getting into this sort of configuration then I'd recommend using the Automation...
The openapi add-on does not currently support extensions like AWS signatures.
I know this doesnt work with snapcraft - this may be the same problem. If we cant get it to work then we should look at seeing if we can...
This is also similar to the situation with docker and webswing. Maybe we should disable browser launch for the cases where we find it wont work? Or at least show...
It looks like [flatpak-spawn](https://docs.flatpak.org/en/latest/flatpak-command-reference.html#flatpak-spawn) might do what we need?
ZAP is no longer an OWASP project, and the correct URL is https://www.zaproxy.org/ For other DAST tools see https://github.com/psiinon/open-source-web-scanners 😁
@bkollmar of course - assigned to you 😁