Simon Bennetts
Just added this to https://www.owasp.org/index.php/GSOC2018_Ideas : > ZAP has good support for websockets, and allows them to be intercepted, changed and fuzzed. Unfortunately it doesn't currently support active scanning (automated...
The git repo data is being exposed via http://mdn-samples.mozilla.org/.git/ as per https://bugzilla.mozilla.org/show_bug.cgi?id=1479975 As the repo is public it's not really a security risk, but it will be reported to us...
The Strict-Transport-Security header is set correctly more of the time, but not on 405s: ``` $ curl -i https://activedata-public.devsvcprod.mozaws.net/a HTTP/1.1 405 METHOD NOT ALLOWED Allow: HEAD, OPTIONS Cache-control: no-cache="set-cookie" Content-Type:...
This PR was automatically created by Snyk using the credentials of a real user. Snyk has created this PR to fix one or more vulnerable packages in the `maven` dependencies of...
C/o https://twitter.com/zersiax/status/1366818505274908676 Original is https://www.dropbox.com/s/na61sia1se31xru/zap%20SR%20docs.md?dl=0 - I've made a few minor edits but otherwise it's nearly word for word. Although it does mention the HUD I've put it under the...
Maybe using something like https://www.tablefilter.com/popup-filters.html ? Or could hand craft the JS of course ...
- [x] A Quick Start Guide to Building ZAP - [x] Building ZAP with Eclipse - #365 - [x] Building ZAP with Intellij - #371 - [ ] Debug ZAP...
On https://www.zaproxy.org/docs/alerts - [x] Pscan add-on rules - [x] Ascan add-on rules - [ ] Pscan script rules - [ ] Ascan script rules - [x] Pscan websocket rules -...
https://missiveapp.com/blog/privacy-first-analytics looks interesting :)