OWASP ZAP Developer Group

1–30 of 2075

Welcome to the OWASP Zed Attack Proxy (ZAP) Development Group.
Please use this group for any questions about developing, fixing or extending ZAP.
And if you post spam then it will be deleted and your account blocked.

0 selected

Vitika, thc...@gmail.com8

8:33 AM

`fatal: the remote end hung up unexpectedly` while pushing to origin

While cloning almost a month back, I had some error for which I followed the first answer of this

unread,

`fatal: the remote end hung up unexpectedly` while pushing to origin

While cloning almost a month back, I had some error for which I followed the first answer of this

8:33 AM

Dharini n, … Kevin W. Wall8

Feb 4

REG : Absence of Anti-CSRF Tokens

Rick, because this is for a login page, I have seen a few different approaches in the past where the

unread,

REG : Absence of Anti-CSRF Tokens

Rick, because this is for a login page, I have seen a few different approaches in the past where the

Feb 4

Feb 3

API Scanning With ZAP

Hello, I'm looking at the zap api scan offerings to write some of my own api scans. And I noticed

unread,

API Scanning With ZAP

Hello, I'm looking at the zap api scan offerings to write some of my own api scans. And I noticed

Feb 3

Dharini n, psiinon3

Feb 3

REG: Application error disclosure

Getting error from Zap tool I have attached the image for your references. On Friday, 3 February 2023

unread,

REG: Application error disclosure

Getting error from Zap tool I have attached the image for your references. On Friday, 3 February 2023

Feb 3

Jan 30

Github Action Bug/Error

I'd like to run it on a self hosted server On Monday, January 30, 2023 at 4:50:44 PM UTC hakrishi

unread,

Github Action Bug/Error

I'd like to run it on a self hosted server On Monday, January 30, 2023 at 4:50:44 PM UTC hakrishi

Jan 30

Vinayak Yadav, … thc...@gmail.com11

Jan 30

Unable to resolve java errors

Oops, I read that as version 7.6 not 6.7. I was not able to import the project using the latter

unread,

Unable to resolve java errors

Oops, I read that as version 7.6 not 6.7. I was not able to import the project using the latter

Jan 30

Jan 27

OWASP Global AppSec Dublin

OWASP Global AppSec Dublin is going to be on from Feb 13-16 (2 days training, 2 days conf) https://

unread,

OWASP Global AppSec Dublin

OWASP Global AppSec Dublin is going to be on from Feb 13-16 (2 days training, 2 days conf) https://

Jan 27

Christopher Kalaani, … Arkaprabha Chakraborty13

Jan 26

Modifying the Buffer Overflow rule in ZAP

I had another quick question, would the SQL injection rules be suitable for modification as well

unread,

Modifying the Buffer Overflow rule in ZAP

I had another quick question, would the SQL injection rules be suitable for modification as well

Jan 26

Ahmed Aissa, psiinon2

Jan 23

It all depends on what is in config.yaml :) Its like asking - "What happens if I run foo.sh?

unread,

It all depends on what is in config.yaml :) Its like asking - "What happens if I run foo.sh?

Jan 23

Joshua Sharkey, … thc...@gmail.com12

Jan 19

OWASP ZAP Docker Images

Thank you, explicitly pulling latest fixed the issue. On Wednesday, January 18, 2023 at 4:41:45 PM

unread,

OWASP ZAP Docker Images

Thank you, explicitly pulling latest fixed the issue. On Wednesday, January 18, 2023 at 4:41:45 PM

Jan 19

Jan 19

Authentication Help

If you're having problems configuring ZAP to handle authentication then see this blog post: https

unread,

Authentication Help

If you're having problems configuring ZAP to handle authentication then see this blog post: https

Jan 19

ahmed, psiinon6

Jan 19

using automation framework in gitlab ci

Why have you defined 'Context: "Default Context"' in the spiders but not the

unread,

using automation framework in gitlab ci

Why have you defined 'Context: "Default Context"' in the spiders but not the

Jan 19

Andrew Perry, psiinon5

Jan 19

ZAP owasp/zap2docker-stable X11 error

Thanks Simon, Looks like the issue was the context file was not configured correctly, so I have

unread,

ZAP owasp/zap2docker-stable X11 error

Thanks Simon, Looks like the issue was the context file was not configured correctly, so I have

Jan 19

Jan 16

ZAP GSoC 2023 Project Suggestions?

OWASP will be applying to take part in Google Summer of Code 2023. We've just added an initial

unread,

ZAP GSoC 2023 Project Suggestions?

OWASP will be applying to take part in Google Summer of Code 2023. We've just added an initial

Jan 16

Harshitha C, … psiinon3

Jan 12

Out of scope issue

The Ajax Spider will only make requests to URLs that are in scope. Well, and JS / CSS files. The

unread,

Out of scope issue

The Ajax Spider will only make requests to URLs that are in scope. Well, and JS / CSS files. The

Jan 12

Aakhash Ganesh, psiinon3

Jan 6

How to set "OOB service used in active scan" from an addon

Thank you so much, I have a follow up question if you don't mind. I'm trying to initialize

unread,

How to set "OOB service used in active scan" from an addon

Thank you so much, I have a follow up question if you don't mind. I'm trying to initialize

Jan 6

Jan 6

HTTP/2 support in the weekly

In case you missed the "announcement" in the 2022 year review the latest weekly release has

unread,

HTTP/2 support in the weekly

In case you missed the "announcement" in the 2022 year review the latest weekly release has

Jan 6

psiinon, Ananda Krishna2

Jan 5

ZAP : 2022 a Year in Review

Thanks for sharing the blog post, Simon! Congratulations on the successful year for ZAP. Happy New

unread,

ZAP : 2022 a Year in Review

Thanks for sharing the blog post, Simon! Congratulations on the successful year for ZAP. Happy New

Jan 5

Nathan Sitbon, … thc...@gmail.com11

Jan 1

Active Scan- Alert Not raised

When raising the alerts directly you need to do it through the `ExtensionAlert`, eg: https://github.

unread,

Active Scan- Alert Not raised

When raising the alerts directly you need to do it through the `ExtensionAlert`, eg: https://github.

Jan 1

Nathan Sitbon, … psiinon15

12/27/22

What is the best Way to Display Addon Result?

Hi Simon, Thank for the suggestion. Yes we have the full request and response available so we will

unread,

What is the best Way to Display Addon Result?

Hi Simon, Thank for the suggestion. Yes we have the full request and response available so we will

12/27/22

Ryan Thompson, thc...@gmail.com3

12/19/22

Hi there, The second link did the trick. Thanks for your help. Regards, On Sunday, December 18, 2022

unread,

Hi there, The second link did the trick. Thanks for your help. Regards, On Sunday, December 18, 2022

12/19/22

12/15/22

Authenticating in Azure DevOps

Hello, I'm trying to scan a webapplication through Azure DevOps, implementing it in a yaml

unread,

Authenticating in Azure DevOps

Hello, I'm trying to scan a webapplication through Azure DevOps, implementing it in a yaml

12/15/22

A.B., … kingthorin+owaspzap5

12/14/22

OWASP ZAP hardware requirements

Well it's something! Thanks :) On Wednesday, 14 December 2022 at 15:32:19 UTC+1 kingthorin+

unread,

OWASP ZAP hardware requirements

Well it's something! Thanks :) On Wednesday, 14 December 2022 at 15:32:19 UTC+1 kingthorin+

12/14/22

Miguel Pinto, … psiinon5

12/13/22

Help displaying information in status panel

Great - look forward to seeing them! On Tuesday, 13 December 2022 at 12:31:23 UTC a736...@gmail.com

unread,

Help displaying information in status panel

Great - look forward to seeing them! On Tuesday, 13 December 2022 at 12:31:23 UTC a736...@gmail.com

12/13/22

Rashied Rezaweiaun, thc...@gmail.com2

12/9/22

Add Add-on from local file

Hi. That endpoint is only available when running in dev mode (ie from source or with the -dev command

unread,

Add Add-on from local file

Hi. That endpoint is only available when running in dev mode (ie from source or with the -dev command

12/9/22

12/8/22

scan an API that has OAuth 2.0 authentication

Well apparantly the API I'm trying to test heavy utilizes oauth 2.0 and won't work properly

unread,

scan an API that has OAuth 2.0 authentication

Well apparantly the API I'm trying to test heavy utilizes oauth 2.0 and won't work properly

12/8/22

thc...@gmail.com

12/6/22

Re: [zaproxy-develop] Constant.Messages responds with !inputvalue!

Hi. Easier if you share your code or part of it. Does your add-on have an Extension? Do you have only

unread,

Re: [zaproxy-develop] Constant.Messages responds with !inputvalue!

Hi. Easier if you share your code or part of it. Does your add-on have an Extension? Do you have only

12/6/22

DC GRC, … psiinon9

12/6/22

Automation Framework and Scan Hooks

Hi Simon, thanks for the quick response and all the help. Appreciate it! :) On Tuesday, December 6,

unread,

Automation Framework and Scan Hooks

Hi Simon, thanks for the quick response and all the help. Appreciate it! :) On Tuesday, December 6,

12/6/22

simone zambonardi, psiinon4

12/1/22

chrome driver update

Yes, use the "-addonupdate" option as per https://www.zaproxy.org/docs/desktop/cmdline/

unread,

chrome driver update

Yes, use the "-addonupdate" option as per https://www.zaproxy.org/docs/desktop/cmdline/

12/1/22

Eapen, … psiinon7

12/1/22

How can we do Passive Scanning using CLI or Command Line

Can i get the command for running the passive scan on "example.com" and generating a report

unread,

How can we do Passive Scanning using CLI or Command Line

Can i get the command for running the passive scan on "example.com" and generating a report

12/1/22

Search

Clear search

Close search

Google apps

Main menu