#zaproxy — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #zaproxy, aggregated by home.social.
-
Blog: Automating OWASP PTK with ZAP (Phase 1)
You can now automate OWASP Pentestkit using ZAP
https://www.zaproxy.org/blog/2026-05-06-automating-owasp-ptk-with-zap-phase-1/
#zaproxy #owasp-ptk #appsec -
Blog: Vibe coding security fixes.
https://www.zaproxy.org/blog/2026-04-15-vibe-coding-security-fixes/
Learn how ZAP can help you make your vibe coded projects more secure.
#zaproxy #vibecoding #appsec -
Guest Blog: https://www.zaproxy.org/blog/2026-04-13-use-zap-with-kro-in-kubernetes/
Learn how to integrate ZAP with KRO in a Kubernetes cluster to scan the security of each new deployment.
℅ Trevor Mountney
#zaproxy #kubernetes #appsec -
Blog: ZAP Updates for March:
https://www.zaproxy.org/blog/2026-04-03-zap-updates-march-2026/
ZAP was started 9.5 MILLION times .. and we announced significant collaborations with other open source projects
#zaproxy #appsec -
This is huge!
https://www.zaproxy.org/blog/2026-04-01-owasp-ptk-findings-to-zap-alerts/
OWASP PTK massively increases ZAP’s browser side testing capabilities .. and automation is up next!
Many thanks to Denis Podgurskii for this great integration.
#zaproxy #owasp #appsec -
New ZAP Blog Post: https://www.zaproxy.org/blog/2026-03-27-guided-zap-scans-faster-cicd-feedback-using-sast/
This post describes an approach that uses static analysis findings to guide ZAP’s active scans toward the most relevant endpoints. The result is a faster scanning mode suited for CI/CD pipelines, built on top of ZAP’s Automation Framework.
Thanks to the Seqra Team!
#zaproxy #appsec -
New ZAP Blog Post: Introducing DeepViolet: The Engine Behind ZAP’s New TLS Analysis
https://www.zaproxy.org/blog/2026-03-19-introducing-deepviolet/
Thanks to Milton Smith
#zaproxy #deepviolet #appsec -
New ZAP Blog Post: Introducing DeepViolet: The Engine Behind ZAP’s New TLS Analysis
https://www.zaproxy.org/blog/2026-03-19-introducing-deepviolet/
Thanks to Milton Smith
#zaproxy #deepviolet #appsec -
New ZAP Blog Post: Introducing DeepViolet: The Engine Behind ZAP’s New TLS Analysis
https://www.zaproxy.org/blog/2026-03-19-introducing-deepviolet/
Thanks to Milton Smith
#zaproxy #deepviolet #appsec -
New ZAP Blog Post: Introducing DeepViolet: The Engine Behind ZAP’s New TLS Analysis
https://www.zaproxy.org/blog/2026-03-19-introducing-deepviolet/
Thanks to Milton Smith
#zaproxy #deepviolet #appsec -
New ZAP Blog Post: Introducing DeepViolet: The Engine Behind ZAP’s New TLS Analysis
https://www.zaproxy.org/blog/2026-03-19-introducing-deepviolet/
Thanks to Milton Smith
#zaproxy #deepviolet #appsec -
New blog post: ZAP Updates - February 2026
https://www.zaproxy.org/blog/2026-03-02-zap-updates-february-2026/
#zaproxy #appsec -
Do you need even more control over the browsers that you can launch from ZAP?
You’ve got it!
https://www.zaproxy.org/blog/2026-02-24-custom-browsers-and-preferences/
#zaproxy #appsec -
Combine the Encode/Decode/Hash add-on with CyberChef operations in ZAP Encode/Decode Scripts for flexible encoding, decoding, and hashing in your testing workflow.
https://www.zaproxy.org/blog/2026-02-17-encoder-cyberchef-via-scripts/
#zaproxy #appsec #cyberchef -
-
New Blog Post: Detecting Circular Type References in GraphQL Schemas
https://www.zaproxy.org/blog/2026-02-06-detecting-graphql-cycles/
#zaproxy #appsec #graphql -
New blog post: https://www.zaproxy.org/blog/2026-02-02-zap-updates-2025-highlights-2026-plans/
Highlights of 2025 and our initial plans for 2026, including more 3rd Party tool integrations, enhanced exploring and, yes, AI integration!
#zaproxy #appsec #ai -
ZAP 2.17.0 is now available!
It includes performance improvements, a significant reduction in “duplicate” alerts reported, and new Insights which give you key information about scans.
https://www.zaproxy.org/blog/2025-12-15-zap-2-17-0/
#zaproxy #appsec -
New blog post: #React2Shell Detection with ZAP
https://www.zaproxy.org/blog/2025-12-05-react2shell-detection-with-zap/
#zaproxy #appsec -
ZAP Updates for November 2025:
https://www.zaproxy.org/blog/2025-12-03-zap-updates-november-2025/
2.17.0 is coming soon, along with Insights and fixes for some issues that caused ZAP to log 50 million errors in one day!
#zaproxy #appsec -
New ZAP blog post - read how Telmon Maluleka is enhancing ZAP with AI for Bug Bounty Hunting
https://www.zaproxy.org/blog/2025-11-28-enhancing-zap-with-ai-for-bug-bounty-hunting/
#zaproxy #appsec #bugbounty -
ZAP logged 50 MILLION errors yesterday 😮 Read the blog for more details!
https://www.zaproxy.org/blog/2025-11-25-50-million-errors-in-one-day/
#zaproxy #appsec -
ZAP Updates for October:
https://www.zaproxy.org/blog/2025-11-06-zap-updates-october-2025/
#zaproxy #appsec -
ZAP updates for September:
https://www.zaproxy.org/blog/2025-10-01-zap-updates-september-2025/
#zaproxy #appsec -
New blog post: Alert De-Duplification
https://www.zaproxy.org/blog/2025-09-30-alert-de-duplication/
#zaproxy #appsec -
Anyone have experience using the ZAP docker images to scan sites? I have a context file I’m feeding the full scan image but it appears to only scan the top level and not recurse. I can see it authenticating and running the checks, but it finds only 12 URLs whereas other scanners find 212. #dast #zaproxy
-
The ZAP team has forked and will maintain WAVSEP going forwards. This blog post explains why.
https://www.zaproxy.org/blog/2025-09-08-zap-is-adopting-wavsep/
-
The ZAP team has forked and will maintain WAVSEP going forwards. This blog post explains why.
https://www.zaproxy.org/blog/2025-09-08-zap-is-adopting-wavsep/
-
The ZAP team has forked and will maintain WAVSEP going forwards. This blog post explains why.
https://www.zaproxy.org/blog/2025-09-08-zap-is-adopting-wavsep/
-
The ZAP team has forked and will maintain WAVSEP going forwards. This blog post explains why.
https://www.zaproxy.org/blog/2025-09-08-zap-is-adopting-wavsep/
-
The ZAP team has forked and will maintain WAVSEP going forwards. This blog post explains why.
https://www.zaproxy.org/blog/2025-09-08-zap-is-adopting-wavsep/
-
You can now configure ZAP Scan Policies using Alert Tags:
https://www.zaproxy.org/blog/2025-09-03-configuring-scan-policies-with-alert-tags/
#zaproxy #appsec -
ZAP Updates - August 2025:
https://www.zaproxy.org/blog/2025-09-02-zap-updates-august-2025/Microsoft Online Login Support, forking wavsep and much, much more!
#zaproxy #appsec -
We have a new #evangelists channel on the ZAP Slack: https://www.zaproxy.org/slack/
For an invite go to https://www.zaproxy.org/slack/invite
Join up and help spread the word about #zaproxy ! -
Still unsure of what ZAP does?
See this video..
https://youtu.be/yywD8ebNn6o
#zaproxy #dast #appsec -
BashCoreX (live or injected) with GUI lets you install and run apps like Burp Suite and ZAP Proxy, as long as you’ve got space on the live system! 🙌
***They're not included by default, but you can download and install them easily after boot.
The GUI opens up a whole new level of usability 🔥
#BashCoreX #BashCore #Linux #Pentesting #BurpSuite #Zaproxy #LiveOS #CustomISO #Minimalism #OpenSource #CyberSecurity #DevLog
-
BashCoreX (live or injected) with GUI lets you install and run apps like Burp Suite and ZAP Proxy, as long as you’ve got space on the live system! 🙌
***They're not included by default, but you can download and install them easily after boot.
The GUI opens up a whole new level of usability 🔥
#BashCoreX #BashCore #Linux #Pentesting #BurpSuite #Zaproxy #LiveOS #CustomISO #Minimalism #OpenSource #CyberSecurity #DevLog
-
We have restarted the ZAP monthly blog posts: https://www.zaproxy.org/blog/2024-11-01-zap-updates-october-2024/
#zaproxy #appsec #dast -
ZAP has joined forces with Checkmarx
This is a huge investment (and vote of confidence) in ZAP and will secure the project’s future success!https://www.zaproxy.org/blog/2024-09-24-zap-has-joined-forces-with-checkmarx/
-
Want to get ZAP to perform an authenticated scan of DVWA?
With the Automation Framework its easy: https://www.zaproxy.org/faq/details/setting-up-zap-to-test-dvwa/
#zaproxy #dvwa #appsec -
Want to get ZAP to perform an authenticated scan of DVWA?
With the Automation Framework its easy: https://www.zaproxy.org/faq/details/setting-up-zap-to-test-dvwa/
#zaproxy #dvwa #appsec -
Want to get ZAP to perform an authenticated scan of DVWA?
With the Automation Framework its easy: https://www.zaproxy.org/faq/details/setting-up-zap-to-test-dvwa/
#zaproxy #dvwa #appsec -
Want to get ZAP to perform an authenticated scan of DVWA?
With the Automation Framework its easy: https://www.zaproxy.org/faq/details/setting-up-zap-to-test-dvwa/
#zaproxy #dvwa #appsec -
Want to get ZAP to perform an authenticated scan of DVWA?
With the Automation Framework its easy: https://www.zaproxy.org/faq/details/setting-up-zap-to-test-dvwa/
#zaproxy #dvwa #appsec -
Do you use DAST from one of the many companies which build on top of ZAP but do not support us?
Please encourage them to support us now!
https://www.zaproxy.org/third-party-services/
#zaproxy #DAST #opensource -
This Friday (March 18th), 5-8pm EST, join #DCG201 for our FIVE YEAR ANNIVERSARY!
Attend In-Person at SubCulture (260 Newark Ave, Jersey City NJ) & ONLINE.
Play video games, #hacking, #lockpicking, #Zaproxy, #McDonaldsHacks & more!
LIVE STREAM 6:30 - 7:30 PM EST on @Twitch, #dLive, #YouTube, #Facebook, @peertube & @torproject: https://linktr.ee/defcon201
After Party at #Barcade down the block! Drinking + Arcade Games 21+ ID!
https://defcon201.medium.com/dcg-201-hybrid-meet-up-march-2022-five-f-king-years-d3af2968443f