OWASP ZAP Developer Group

1–30 of 2091

Welcome to the OWASP Zed Attack Proxy (ZAP) Development Group.
Please use this group for any questions about developing, fixing or extending ZAP.
And if you post spam then it will be deleted and your account blocked.

0 selected

Lia Chua, … psiinon5

4:12 PM

Error when running OWASP ZAP in Docker

Hi psiinon, I noticed that mistake before but it still outputs the same error. On Thursday, March 16,

unread,

Error when running OWASP ZAP in Docker

Hi psiinon, I noticed that mistake before but it still outputs the same error. On Thursday, March 16,

4:12 PM

Tech Novice, psiinon5

6:10 AM

Getting an error.

Thanks for letting us know! On Monday, 20 March 2023 at 05:59:41 UTC techno...@gmail.com wrote: Hi

unread,

Getting an error.

Thanks for letting us know! On Monday, 20 March 2023 at 05:59:41 UTC techno...@gmail.com wrote: Hi

6:10 AM

Mar 17

ZAP Group issues

We know that some of you are having problems posting to the ZAP groups. It appears that Google Groups

unread,

ZAP Group issues

We know that some of you are having problems posting to the ZAP groups. It appears that Google Groups

Mar 17

Mar 15

ZAP Sponsorship changes

We have a new page which focusses on how to sponsor ZAP and the benefits in doing so: https://www.

unread,

ZAP Sponsorship changes

We have a new page which focusses on how to sponsor ZAP and the benefits in doing so: https://www.

Mar 15

Karthik k, thc...@gmail.com6

Mar 14

Python packages installation in OWASP ZAP Jython environment.

See for workaround: https://github.com/redis/redis-py/issues/1387#issuecomment-680333620 Best regards

unread,

Python packages installation in OWASP ZAP Jython environment.

See for workaround: https://github.com/redis/redis-py/issues/1387#issuecomment-680333620 Best regards

Mar 14

Karthik k, thc...@gmail.com3

Mar 14

Getting scan results by refering alertID

This is working perfectly..! On Monday, 13 March 2023 at 17:46:57 UTC+5:30 thc202 wrote: Hi. You

unread,

Getting scan results by refering alertID

This is working perfectly..! On Monday, 13 March 2023 at 17:46:57 UTC+5:30 thc202 wrote: Hi. You

Mar 14

Mar 10

zap registering google.com to postgres notifications

Hi Max, ZAP does not send any notifications to Google, or any other third party. Well, with the

unread,

zap registering google.com to postgres notifications

Hi Max, ZAP does not send any notifications to Google, or any other third party. Well, with the

Mar 10

saber boukhriss, psiinon2

Mar 3

ZAP as a Service (ZaaS)

Hiya, Sounds like a fun project :D Pro tip - ZAP is not designed to be run as a long running service.

unread,

ZAP as a Service (ZaaS)

Hiya, Sounds like a fun project :D Pro tip - ZAP is not designed to be run as a long running service.

Mar 3

Brendan Kehoe, psiinon3

Mar 2

Automation Framework Custom Pages

Thanks, i will take a look at the scripts On Thursday, 2 March 2023 at 09:20:24 UTC psiinon wrote:

unread,

Automation Framework Custom Pages

Thanks, i will take a look at the scripts On Thursday, 2 March 2023 at 09:20:24 UTC psiinon wrote:

Mar 2

simone zambonardi

Mar 2

problem with core.delete_site_node

Hi, I have a problem with the "core.deleted_site_node()" command, since yesterday it often

unread,

problem with core.delete_site_node

Hi, I have a problem with the "core.deleted_site_node()" command, since yesterday it often

Mar 2

Mar 1

ZAP CFU Service unavailable

FYI we have a new ZAP service dashboard provided by UptimeRobot: https://stats.uptimerobot.com/

unread,

ZAP CFU Service unavailable

FYI we have a new ZAP service dashboard provided by UptimeRobot: https://stats.uptimerobot.com/

Mar 1

Feb 22

Hi! Looking for a detailed document on how to integrate CI/CD pipeline using ZAP. Please give me some

unread,

Hi! Looking for a detailed document on how to integrate CI/CD pipeline using ZAP. Please give me some

Feb 22

jing gu, thc...@gmail.com2

Feb 16

URLDecode requestBody in fuzzer window

Hi. It's currently not possible to decode directly in the Fuzzer dialogue. You would have to use

unread,

URLDecode requestBody in fuzzer window

Hi. It's currently not possible to decode directly in the Fuzzer dialogue. You would have to use

Feb 16

Aakhash Ganesh, thc...@gmail.com2

Feb 13

Importing GSON to use in custom addon

Hi. Normally one would use the artifacts from Maven Central, eg: https://github.com/zaproxy/zap-

unread,

Importing GSON to use in custom addon

Hi. Normally one would use the artifacts from Maven Central, eg: https://github.com/zaproxy/zap-

Feb 13

Mohit A. Jampala, psiinon4

Feb 10

CVE-2022-21449 related to graal-sdk

Thank you for the quick response, Simon On Thursday, February 9, 2023 at 12:28:32 PM UTC-5 psiinon

unread,

CVE-2022-21449 related to graal-sdk

Thank you for the quick response, Simon On Thursday, February 9, 2023 at 12:28:32 PM UTC-5 psiinon

Feb 10

Christian López Espínola, psiinon3

Feb 8

Warn/Ignore when multiple warnings are on same rule

Thanks for answering. I was pretty sure I was missing something. Yes, I'm using the packaged

unread,

Warn/Ignore when multiple warnings are on same rule

Thanks for answering. I was pretty sure I was missing something. Yes, I'm using the packaged

Feb 8

Bhoj Raj Joshi, … GG Nagarkar9

Feb 7

script based authentication - How to automate

Hi Bhoj, I am facing the same issue and would love to refer your blog. Can you please point me to it.

unread,

script based authentication - How to automate

Hi Bhoj, I am facing the same issue and would love to refer your blog. Can you please point me to it.

Feb 7

Dharini n, psiinon4

Feb 6

REG: Application error disclosure

OK, this is also a false positive, and in this case I think we could improve ZAP. I think we should

unread,

REG: Application error disclosure

OK, this is also a false positive, and in this case I think we could improve ZAP. I think we should

Feb 6

Aakhash Ganesh, psiinon2

Feb 6

API Scanning With ZAP

Well, a lot of traditional web vulnerabilities, such as SQL injection, apply just as much to APIs :)

unread,

API Scanning With ZAP

Well, a lot of traditional web vulnerabilities, such as SQL injection, apply just as much to APIs :)

Feb 6

Dharini n, … psiinon9

Feb 6

REG : Absence of Anti-CSRF Tokens

There is a such thing known as "Login CSRF". Google for it. We generally require CSRF

unread,

REG : Absence of Anti-CSRF Tokens

There is a such thing known as "Login CSRF". Google for it. We generally require CSRF

Feb 6

Vitika, thc...@gmail.com10

Feb 6

`fatal: the remote end hung up unexpectedly` while pushing to origin

Yes, I was just going to message here. The problem is now resolved because of fresh clone and I have

unread,

`fatal: the remote end hung up unexpectedly` while pushing to origin

Yes, I was just going to message here. The problem is now resolved because of fresh clone and I have

Feb 6

Jan 30

Github Action Bug/Error

I'd like to run it on a self hosted server On Monday, January 30, 2023 at 4:50:44 PM UTC hakrishi

unread,

Github Action Bug/Error

I'd like to run it on a self hosted server On Monday, January 30, 2023 at 4:50:44 PM UTC hakrishi

Jan 30

Vinayak Yadav, … thc...@gmail.com11

Jan 30

Unable to resolve java errors

Oops, I read that as version 7.6 not 6.7. I was not able to import the project using the latter

unread,

Unable to resolve java errors

Oops, I read that as version 7.6 not 6.7. I was not able to import the project using the latter

Jan 30

Jan 27

OWASP Global AppSec Dublin

OWASP Global AppSec Dublin is going to be on from Feb 13-16 (2 days training, 2 days conf) https://

unread,

OWASP Global AppSec Dublin

OWASP Global AppSec Dublin is going to be on from Feb 13-16 (2 days training, 2 days conf) https://

Jan 27

Christopher Kalaani, … Arkaprabha Chakraborty13

Jan 26

Modifying the Buffer Overflow rule in ZAP

I had another quick question, would the SQL injection rules be suitable for modification as well

unread,

Modifying the Buffer Overflow rule in ZAP

I had another quick question, would the SQL injection rules be suitable for modification as well

Jan 26

Ahmed Aissa, psiinon2

Jan 23

It all depends on what is in config.yaml :) Its like asking - "What happens if I run foo.sh?

unread,

It all depends on what is in config.yaml :) Its like asking - "What happens if I run foo.sh?

Jan 23

Joshua Sharkey, … thc...@gmail.com12

Jan 19

OWASP ZAP Docker Images

Thank you, explicitly pulling latest fixed the issue. On Wednesday, January 18, 2023 at 4:41:45 PM

unread,

OWASP ZAP Docker Images

Thank you, explicitly pulling latest fixed the issue. On Wednesday, January 18, 2023 at 4:41:45 PM

Jan 19

Jan 19

Authentication Help

If you're having problems configuring ZAP to handle authentication then see this blog post: https

unread,

Authentication Help

If you're having problems configuring ZAP to handle authentication then see this blog post: https

Jan 19

ahmed, psiinon6

Jan 19

using automation framework in gitlab ci

Why have you defined 'Context: "Default Context"' in the spiders but not the

unread,

using automation framework in gitlab ci

Why have you defined 'Context: "Default Context"' in the spiders but not the

Jan 19

Andrew Perry, psiinon5

Jan 19

ZAP owasp/zap2docker-stable X11 error

Thanks Simon, Looks like the issue was the context file was not configured correctly, so I have

unread,

ZAP owasp/zap2docker-stable X11 error

Thanks Simon, Looks like the issue was the context file was not configured correctly, so I have

Jan 19

Search

Clear search

Close search

Google apps

Main menu