Simon Bennetts
We regularly run ZAP against the Google Security Crawl Maze: https://www.zaproxy.org/docs/scans/ This tracker issue records who has been assigned specific URLs to find, e.g. as part of the stackhack-bounty. To...
Fix any 5 of the failing results on https://www.zaproxy.org/docs/scans/crawlmaze/ It is important to note that the priority here is to improve the ZAP scan results against real world apps so...
[Param Miner](https://portswigger.net/bappstore/17d2949a985c4b7ca092728dba871943) is a Burp extension which identifies hidden, unlinked parameters. It's particularly useful for finding web cache poisoning vulnerabilities. It is based on this research by James Kettle: https://portswigger.net/research/practical-web-cache-poisoning...
As per #541 buttons are scaled when the default font is scaled. Having an option to scale them independently would help some people. I think keeping the current behaviour as...
[Rules](https://www.zaproxy.org/docs/alerts/) with multiple examples

- [x] [10020/](https://www.zaproxy.org/docs/alerts/10020/) https://github.com/zaproxy/zap-extensions/pull/3608
- [x] [10032/](https://www.zaproxy.org/docs/alerts/10032/) https://github.com/zaproxy/zap-extensions/pull/3608
- [x] [40040/](https://www.zaproxy.org/docs/alerts/40040/)
- [x] [90004/](https://www.zaproxy.org/docs/alerts/90004/)

Rules which should have multiple examples

- [x] [10055/](https://www.zaproxy.org/docs/alerts/10055/) https://github.com/zaproxy/zap-extensions/pull/3604
- [...
We run ZAP against Google Firing Range (FR) using a scheduled task and publish the results on https://www.zaproxy.org/docs/scans/firingrange/ This is a tracker issue which covers improving the ZAP results against...
### Describe the bug

The ZAP desktop UI gets gradually more and more sluggish when fuzzing a very large number of values. This is more pronounced when passive scanning is...
Changes proposed for packaged scripts like the zap-baseline.py and zap-api-scan.py

- [x] Extract common features to a common script Done: [zap-common.py](https://github.com/zaproxy/zaproxy/blob/develop/build/docker/zap_common.py)
- [x] Implement a new zap-full-scan.py script Done: [zap-full-scan.py](https://github.com/zaproxy/zaproxy/blob/develop/build/docker/zap-full-scan.py)...