
OWASP ZAP Flagship Project

2021-09-24

Authors: Simon Bennetts


Summary

The upcoming release of OWASP ZAP 2.11.0 introduces several new features, including an automation framework, out-of-band security testing, and improved reporting capabilities.
  • OWASP ZAP is a web scanner tool designed to find vulnerabilities in custom web applications.
  • The new automation framework simplifies the process of configuring and running scans.
  • Out-of-band security testing allows for the detection of vulnerabilities that may not be immediately apparent.
  • Improved reporting capabilities provide more detailed information about vulnerabilities and site statistics.
  • The packaged scans and API are still available, but the automation framework provides a more user-friendly option for those less familiar with driving ZAP through the API.

The automation framework was introduced earlier this year and has been improved for the upcoming release. It simplifies configuring and running scans, which matters because the API, while powerful, can be complicated for some users to navigate effectively.

Abstract

OWASP ZAP is the world’s most popular web scanner. In this session, Simon will tell you all about the next ZAP release - 2.11.0 - which is coming very soon.
