Skip to content

sepehrdaddev/zap-scripts

BranchesTags

Repository files navigation

zap-scripts

Zed Attack Proxy Scripts for finding CVEs and Secrets.

Building

This project uses Gradle to build the ZAP add-on, simply run:

./gradlew build

in the main directory of the project, the add-on will be placed in the directory build/zapAddOn/bin/.

Usage

The easiest way to use this repo in ZAP is to add the directory to the scripts directory in ZAP (under Options -> Scripts).

however, you can also build the add on and install it (under File -> Load Addon File...).

License

This software is distributed under the MIT License.

Credits

  • The scripts under the active directory are mostly ported from the amazing nuclei-templates repository, so huge shoutout to projectdiscovery and the community.

  • secret-finder.js uses regex patterns from the awesome gitleaks project.

  • takeover-finder.js uses patterns from the awesome nuclei-templates repository.

LEGAL NOTICE

THIS SOFTWARE IS PROVIDED FOR EDUCATIONAL USE ONLY! IF YOU ENGAGE IN ANY ILLEGAL ACTIVITY THE AUTHOR DOES NOT TAKE ANY RESPONSIBILITY FOR IT. BY USING THIS SOFTWARE YOU AGREE WITH THESE TERMS.

Get Involved

Please, send us pull requests!

About

Zed Attack Proxy Scripts for finding CVEs and Secrets.

Topics

owasp vulnerability cve vulnerability-detection cve-scanning owasp-zap vulnerability-scanners zap-plugin zaproxy

Resources

Readme

License

MIT license
Activity

Stars

125 stars

Watchers

4 watching

Forks

23 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages