OWASP ZAP Developer Group

1–30 of 2017

Welcome to the OWASP Zed Attack Proxy (ZAP) Development Group.
Please use this group for any questions about developing, fixing or extending ZAP.
And if you post spam then it will be deleted and your account blocked.

0 selected

Sridatta S P, … alex van11

Sep 30

Can we send a POST request from external source and validate in ZAP?

Hi Alex, Can you pls share any examples of sending post request in curl? I'm looking to send

unread,

Can we send a POST request from external source and validate in ZAP?

Hi Alex, Can you pls share any examples of sending post request in curl? I'm looking to send

Sep 30

Sep 29

ZAP Roadmap and Governance

We have actually published a ZAP Roadmap 😯 And there's also a new Roles and Governance page. If

unread,

ZAP Roadmap and Governance

We have actually published a ZAP Roadmap 😯 And there's also a new Roles and Governance page. If

Sep 29

ZAP User, psiinon2

Sep 28

Missing Parameter "scriptName" in setSessionManagementMethod API call

I honestly dont recommend doing it this way :) Either: Export your context from the ZAP desktop.

unread,

Missing Parameter "scriptName" in setSessionManagementMethod API call

I honestly dont recommend doing it this way :) Either: Export your context from the ZAP desktop.

Sep 28

alex van, … psiinon3

Sep 26

ZAP active scan path traversal didn't trigger alert, solution?

Also see https://www.zaproxy.org/blog/2014-04-30-hacking-zap-4-active-scan-rules/ As Rick said -

unread,

ZAP active scan path traversal didn't trigger alert, solution?

Also see https://www.zaproxy.org/blog/2014-04-30-hacking-zap-4-active-scan-rules/ As Rick said -

Sep 26

Kamalpreet Kaur, psiinon3

Sep 22

Does ZAP support ARM platform

ZAP should be able to run on any platform that has a JRE 8+ available for it (maybe 11+ from the next

unread,

Does ZAP support ARM platform

ZAP should be able to run on any platform that has a JRE 8+ available for it (maybe 11+ from the next

Sep 22

Sep 20

Docker base image change?

The ZAP docker images currently use ubuntu:20.04 as the base image. This is old and has a growing

unread,

Docker base image change?

The ZAP docker images currently use ubuntu:20.04 as the base image. This is old and has a growing

Sep 20

psiinon, … thc...@gmail.com5

Sep 20

ZAP 2.12.0 Coming Soon

Hi Omkar, Heimdall is not a tool I am familiar with, and adding support for it is not currently on my

unread,

ZAP 2.12.0 Coming Soon

Hi Omkar, Heimdall is not a tool I am familiar with, and adding support for it is not currently on my

Sep 20

Omkar Kumbhar, thc...@gmail.com3

Sep 19

Getting JSON Parse error while running the Active scan

Hi, The issue is occurring while importing the HAR file using ZAP API. I am exporting the HTTP

unread,

Getting JSON Parse error while running the Active scan

Hi, The issue is occurring while importing the HAR file using ZAP API. I am exporting the HTTP

Sep 19

Sep 14

New ZAP Platinum Supporter: Jit!

I am delighted to announce that I have joined Jit as a Distinguished Engineer, with a joint vision on

unread,

New ZAP Platinum Supporter: Jit!

I am delighted to announce that I have joined Jit as a Distinguished Engineer, with a joint vision on

Sep 14

Sep 9

ZAP Live Docker Image Issue

The code has been fixed, a new Live docker image generated and the tests now pass. We believe the

unread,

ZAP Live Docker Image Issue

The code has been fixed, a new Live docker image generated and the tests now pass. We believe the

Sep 9

AnilKumar Malyala, thc...@gmail.com2

Sep 7

Skipped Plugin error messages

Hi. Those are not error messages. That indicates there's nothing to scan, make sure that your

unread,

Skipped Plugin error messages

Hi. Those are not error messages. That indicates there's nothing to scan, make sure that your

Sep 7

Omkar Kumbhar, psiinon2

Sep 7

How to get a report of Passing and Failed Tests in ZAP Active Scan

Hi Omkar, The full list of reports available, and what they provide, is here: https://www.zaproxy.org

unread,

How to get a report of Passing and Failed Tests in ZAP Active Scan

Hi Omkar, The full list of reports available, and what they provide, is here: https://www.zaproxy.org

Sep 7

psiinon, Ananda Krishna3

Sep 2

Automation Framework "monitor" job test proposal

The PR for this enhancement is https://github.com/zaproxy/zap-extensions/pull/4005 - feedback always

unread,

Automation Framework "monitor" job test proposal

The PR for this enhancement is https://github.com/zaproxy/zap-extensions/pull/4005 - feedback always

Sep 2

larry town, … psiinon11

Aug 26

config file set ajax

Oh good! Thanks for letting us know :) On Friday, 26 August 2022 at 17:33:27 UTC+2 ltow...@gmail.com

unread,

config file set ajax

Oh good! Thanks for letting us know :) On Friday, 26 August 2022 at 17:33:27 UTC+2 ltow...@gmail.com

Aug 26

fede fedez, … larry town35

Aug 26

error api key when star script

Hi, I have had the same problem previously. I solved it by deleting the config.xml and running zap

unread,

error api key when star script

Hi, I have had the same problem previously. I solved it by deleting the config.xml and running zap

Aug 26

david Wright, psiinon2

Aug 25

unistall owasp zap

Hiya :) How did you install it? Cheers, Simon On Thursday, 25 August 2022 at 09:48:09 UTC+2 dw16...@

unread,

unistall owasp zap

Hiya :) How did you install it? Cheers, Simon On Thursday, 25 August 2022 at 09:48:09 UTC+2 dw16...@

Aug 25

Aug 24

How can i execute the Change response script under Http Sender or under Proxy while navigating from different page

Hi Team, My Requirement is I have to change the response of a page before getting the request using

unread,

How can i execute the Change response script under Http Sender or under Proxy while navigating from different page

Hi Team, My Requirement is I have to change the response of a page before getting the request using

Aug 24

Aug 24

ZAP Alert Issue - weekly and live

Today we became aware of an issue in the recent weekly and live releases. The problem only appears to

unread,

ZAP Alert Issue - weekly and live

Today we became aware of an issue in the recent weekly and live releases. The problem only appears to

Aug 24

simone zambonardi, … Kevin W. Wall3

Aug 23

how find all versions

You may want to use the Internet's "Way Back Machine" at archive.org; if you know what

unread,

how find all versions

You may want to use the Internet's "Way Back Machine" at archive.org; if you know what

Aug 23

kingthorin+owaspzap

Aug 20

Re: check is valid url

Valid in what way? Syntactically? That it can be contacted? ______ ? On Saturday, August 20, 2022 at

unread,

Re: check is valid url

Valid in what way? Syntactically? That it can be contacted? ______ ? On Saturday, August 20, 2022 at

Aug 20

Akshat Verma, thc...@gmail.com2

Aug 18

Having .java scripts in ZAP

Hi. That's not supported yet: https://github.com/zaproxy/zaproxy/issues/1516 For now Java scan

unread,

Having .java scripts in ZAP

Hi. That's not supported yet: https://github.com/zaproxy/zaproxy/issues/1516 For now Java scan

Aug 18

Aug 17

Re: permission for generate report via script

Is that when installing ZAP? If so thats expected. If you want to be able to install ZAP without

unread,

Re: permission for generate report via script

Is that when installing ZAP? If so thats expected. If you want to be able to install ZAP without

Aug 17

psiinon, … kingthorin+owaspzap5

Aug 16

Re: problem browser on ubuntu when use ajax spider

What? On Tuesday, August 16, 2022 at 7:36:04 AM UTC-4 walter...@gmail.com wrote: No really thanks can

unread,

Re: problem browser on ubuntu when use ajax spider

What? On Tuesday, August 16, 2022 at 7:36:04 AM UTC-4 walter...@gmail.com wrote: No really thanks can

Aug 16

simone zambonardi, psiinon11

Aug 15

open owasp on ubuntu app

Have you looked at the FAQ I've mentioned above a couple of times? Have you tried disabling the

unread,

open owasp on ubuntu app

Have you looked at the FAQ I've mentioned above a couple of times? Have you tried disabling the

Aug 15

Aug 12

Passive Scan Queue

Hello everyone, Is there a way by using API to retrieve all the information of Passive Scan View

unread,

Passive Scan Queue

Hello everyone, Is there a way by using API to retrieve all the information of Passive Scan View

Aug 12

Aug 12

Re: find update with python

The easiest option is to start ZAP with the "-addonupdate" option as per https://www.

unread,

Re: find update with python

The easiest option is to start ZAP with the "-addonupdate" option as per https://www.

Aug 12

Alex Roytman, … kingthorin+owaspzap8

Aug 3

active scan pops up file save dialog for json

#1 I have no idea what version 1.10 is. Assuming you mean 2.10 you're still behind. The currently

unread,

active scan pops up file save dialog for json

#1 I have no idea what version 1.10 is. Assuming you mean 2.10 you're still behind. The currently

Aug 3

tedev test, psiinon2

Aug 1

Starting ZAP With Environment Variables in Daemon Mode?

ZAP itself does not handle en vars (except for for these authentication ones https://www.zaproxy.org/

unread,

Starting ZAP With Environment Variables in Daemon Mode?

ZAP itself does not handle en vars (except for for these authentication ones https://www.zaproxy.org/

Aug 1

Dhirendra Pratap Singh, … psiinon4

Jul 28

Unable to scan POST api through ZAP

ZAP does not change POSTs into GETs by default, so right now we do not know whats going wrong or how

unread,

Unable to scan POST api through ZAP

ZAP does not change POSTs into GETs by default, so right now we do not know whats going wrong or how

Jul 28

Jul 25

Do you want to know what the constants mean in the ZAP API and scripts? We now have a page for that 😁

unread,

Do you want to know what the constants mean in the ZAP API and scripts? We now have a page for that 😁

Jul 25

Search

Clear search

Close search

Google apps

Main menu