zaproxy
https://github.com/zaproxy/zaproxy
Java
The ZAP core project
Triage Issues!
When you volunteer to triage issues, you'll receive an email each day with a link to an open issue that needs help in this project. You'll also receive instructions on how to triage issues.
Triage Docs!
Receive a documented method or class from your favorite GitHub repos in your inbox every day. If you're really pro, receive undocumented methods or classes and supercharge your commit history.
Java not yet supported15 Subscribers
Add a CodeTriage badge to zaproxy
Help out
- Issues
- X-Debug-Token Information Leak scan rule - CWE-200
- Server Leaks Information via "X-Powered-By" HTTP Response Header Field(s) scan rule - CWE-200
- Re-map rules attributed to CWE-200
- defaultUserAgent not overridden through the command line
- Support host override for local OpenAPI spec
- Threading for importing URLs
- pscanrules: CSP - When a directive with no fallback is missed use a different alert name vs wildcard
- Provide configuration options in ZAP for Crawljax to access invisible elements.
- docker image with "full-scan" don't obey to -m parameter
- Adding weak cipher and obsolete TLS version checks
- Docs
- Java not yet supported