I am auto testing an ASP.NET web application for vulnerabilities using OWASP ZAP 2.12.0. It is raising some CSP alerts which I don't know why because ...
I am using ZAP Baseline Scan and I want to change WARN to IGNORE rules. I don't have any idea what the configuration file is and how I can use it in my command line ...
I'm trying to run an active scan from OWASP ZAP using only my Ubuntu (22.04) terminal by importing an external open API definition. This can be easily do ...
I am trying to run the OWASP ZAP baseline SCAN in my Cloud Build pipeline. https://www.zaproxy.org/docs/docker/baseline-scan/#usage I have found tutor ...
GitLab job is failing with exit code 2 after execution. No error details are appearing in the log file, only showing ERROR: Job failed: exit code 2. .git ...
Running ModSecurity 2.93, and OWASP ModSecurity Core Rule Set (CRS) 3.3.2. Enabled the Nextcloud exceptions contained in REQUEST-903.9003-NEXTCLO ...
This is about writing proper ModSecurity rules. I hope there is an expert out there who can help me. I have ModSecurity 2.9.3 and the OWASP CRS 3.3.2 ...
OWASP dependency check is a great way of automating vulnerability discovery in our projects, though when running it as part of a CI pipeline per pro ...
This is my current configuration. Have a groovy script which executes pipeline stages and have included a stage to execute the dependency check. Curr ...
I have a public facing form that, I believe, does not need CSRF protection. It is just a newsletter signup form. But when we run Zap Pen Test on it we ...
I have created one pipeline to use OWASP ZAP, but it is getting stuck at 7127 [ZAP-daemon] INFO org.zaproxy.addon.network.ExtensionNetwork - ZAP is ...
I am using dependency check in GitLab CI but when it runs, the report comes back clean. The job code is: I am using GitLab CI to analyse the dep ...
I want to ask what to do when OWASP dependency-check finds vulnerabilities. I've recently deployed to a project and I'm a fresher, so I don't k ...
Is it somehow possible to change the attack strength of the OWASP ZAP full scan? I use the advanced GitHub Action method as described here https:// ...
We have an application we are testing for vulnerabilities using OWASP ZAP. To handle Login, I have created an authentication script for the UserName a ...
I have tried to prevent XSS attacks in my application by sanitizing the requests containing special characters and following OWASP guidelines. But as ...
I use the maven project with the OWASP plugin to check the vulnerabilities on each commit in the CI pull requests. The configuration looks pretty simp ...
In order to test something like, file upload (Content-Type: multipart/form-data), is there functionality in OWASP ZAP to send a file in a request body ...
How can I invoke Dependency-Check in jenkins-job-dsl? I only see an example for publishing OWASP dependency check results. https://jenkinsci.gith ...