OWASP ZAP v2.3.1 - An easy to use integrated penetration testing tool for finding vulnerabilities in web applications
OWASP Zed Attack Proxy (ZAP) An easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing as well as being a useful addition to an experienced pen testers toolbox.
Changelog v2.3.1
The following changes were made in this release:
- ZAP changes request data (while switching views) ( Issue 81 )
- Unfulfilled dependencies hang the active scan ( Issue 377 )
- Cant remove scripts marked as ‘load on start’ ( Issue 1073 )
- core.newSession doesn’t clear Sites ( Issue 1114 )
- Historical Request Tab Doesn’t allow formatting changes ( Issue 1155 )
- Proxy gzip decoder doesn’t update content length in response headers ( Issue 1156 )
- Unable to set a home directory with a space on the command line ( Issue 1163 )
- Redundant indexes in zapdb.script ( Issue 1166 )
- Add proxy support for “deflate” content encoding ( Issue 1168 )
- Spider Context/User pop up menus no longer shown ( Issue 1170 )
- Unable to select 2 requests in fuzz results (Ctrl + click) ( Issue 1179 )
- Vulnerable pages active scanned only once ( Issue 1181 )
- Alerts of same type for different parameters of same vulnerable page shown only once in “Alerts” tree ( Issue 1182 )
- NullPointerException while selecting a node in the “Alerts” tab after deleting a message ( Issue 1183 )
- Cmdline session params have no effect ( Issue 1191 )
- Scan URL path elements – turn off by default ( Issue 1193 )
- Command line arguments are not passed to extensions when starting ZAP in daemon mode ( Issue 1194 )
- AbstractPlugin.bingo incorrectly sets evidence to attack ( Issue 1196 )
- Issue with loading addons that did not initialize correctly ( Issue 1202 )
- WordPress Authentication Script ( Issue 1203 )
- ‘History’ tab is not cleared when a new session is created through the API with ZAP in GUI mode ( Issue 1206 )
OWASP ZAP v2.3.1 - An easy to use integrated penetration testing tool
for finding vulnerabilities in web applications
Reviewed by 0x000216
on
Thursday, May 29, 2014
Rating: 5