I am testing ZAP and I have a few questions that I hope you will solve:
I have installed ZAP 2.5.0 on
Windows 7 and Ubuntu 16.04 and the "Report > Compare with another
session..." feature seems to not work. Is it a known issue? Is there a
patch planned in the roadmap? Maybe a bad handling
from me?
Is it possible to definitely
modify a risk level for an alert (e.g. set "X-Content-Type-Options
header missing" risk level from Low to Medium but not only for one
request or session)?
Is there a way to know all the alerts possibly thrown by ZAP?
Thanks.