ZAP by Checkmarx's Avatar

ZAP by Checkmarx

@zaproxy.org.bsky.social

The Worlds Most Popular Web App Scanner.

1,081 Followers  |  3 Following  |  37 Posts  |  Joined: 01.08.2023  |  1.5874

Latest posts by zaproxy.org on Bluesky

Preview
ZAP Updates - July 2025 Authentication improvements, Edge support, timing rule changes, Docker news, and a new scan rule.

ZAP Updates - July 2025
Authentication improvements, Edge support, timing rule changes, Docker news, and a new scan rule.
www.zaproxy.org/blog/2025-08...
#zaproxy #appsec

01.08.2025 16:43 β€” πŸ‘ 3    πŸ” 2    πŸ’¬ 0    πŸ“Œ 0

Because they are not being updated. The maintained Docker images are under the "zaproxy" org.

30.07.2025 11:02 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

Yesterday there were more than 25K ZAP scans run using old versions of ZAP. These are no longer being maintained.
Update your ZAP installs now!
#zaproxy #appsec

30.07.2025 11:00 β€” πŸ‘ 8    πŸ” 3    πŸ’¬ 0    πŸ“Œ 0
ZAP – Download The world’s most widely used web app scanner. Free and open source. ZAP is a community project actively maintained by a dedicated international team, and a GitHub Top 1000 project.

We will be deleting all of the ZAP Docker images from the Software Security Project Docker Hub within the next 2 weeks. If you are still pulling images from there then please switch to one of the maintained options: www.zaproxy.org/download/#do...

28.07.2025 10:17 β€” πŸ‘ 5    πŸ” 2    πŸ’¬ 1    πŸ“Œ 0
Preview
The New 'ZAP is Out of Date' Rule If you are using an old version of ZAP then you might start seeing a new alert…

There is a new "ZAP is Out of Date" scan rule - learn more about it via this blog post
www.zaproxy.org/blog/2025-07...
#zaproxy #appsec

25.07.2025 13:33 β€” πŸ‘ 3    πŸ” 1    πŸ’¬ 0    πŸ“Œ 1
Preview
Timing Related Scan Rule Changes Scan rules related to time based attacks have been split or renamed.

We've recently made some requested changes to the naming and implementation of scan rules which used Time Based attacks. @kingthorin.bsky.social has written about it here: www.zaproxy.org/blog/2025-07...
#zaproxy #appsec

22.07.2025 13:00 β€” πŸ‘ 2    πŸ” 1    πŸ’¬ 0    πŸ“Œ 1

None of the major browsers are currently flagging the latest ZAP downloads as suspiciousπŸŽ‰
Thank you to whoever sorted that out!

14.07.2025 12:41 β€” πŸ‘ 3    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0
Preview
Edge Support ZAP now has β€œtier 1” support for Microsoft Edge, including exploring, crawling, and attacking.

ZAP now has full support for Microsoft Edge πŸ˜€
www.zaproxy.org/blog/2025-07...
#zaproxy #appsec

10.07.2025 13:08 β€” πŸ‘ 7    πŸ” 3    πŸ’¬ 0    πŸ“Œ 0
Preview
Authentication Improvements We’ve made a lot of improvements in ZAP’s handling of authentication - here’s a summary of the most significant changes we’ve made.

As promised, here is the first set of documentation for all of the authentication improvements the team has been working on
www.zaproxy.org/blog/2025-07...
#zaproxy #appsec

03.07.2025 12:53 β€” πŸ‘ 6    πŸ” 3    πŸ’¬ 0    πŸ“Œ 0
Preview
ZAP Updates - June 2025 A new Intro video, lots of authentication work, and more news on the ZAP browser extensions.

ZAP updates for June:
A new Intro video, lots of authentication work, and more news on the ZAP browser extensions.
www.zaproxy.org/blog/2025-07...
#zaproxy #appsec

01.07.2025 14:22 β€” πŸ‘ 5    πŸ” 2    πŸ’¬ 0    πŸ“Œ 0
ZAP – Download The world’s most widely used web app scanner. Free and open source. ZAP is a community project actively maintained by a dedicated international team, and a GitHub Top 1000 project.

All of the main browsers flag ZAP as dangerous/potential malware, and there doesnt see to be anything we can do about it.
We've updated the Download page www.zaproxy.org/download/

30.06.2025 16:58 β€” πŸ‘ 4    πŸ” 3    πŸ’¬ 0    πŸ“Œ 0
An Introduction to ZAP by Checkmarx - Official Version
YouTube video by ZAP An Introduction to ZAP by Checkmarx - Official Version

Still unsure of what ZAP does?
See this video..
youtu.be/yywD8ebNn6o
#zaproxy #dast #appsec

30.06.2025 15:15 β€” πŸ‘ 6    πŸ” 2    πŸ’¬ 0    πŸ“Œ 0

Mega add-on update alert!
We've just upload loads of add-ons, so update your ZAP instances ASAP.
Lots of authentication improvements have been included, more details coming soon ...

20.06.2025 13:34 β€” πŸ‘ 6    πŸ” 3    πŸ’¬ 0    πŸ“Œ 0
ZAP – ZAP Vs Test Apps The world’s most widely used web app scanner. Free and open source. ZAP is a community project actively maintained by a dedicated international team, and a GitHub Top 1000 project.

We have started to document how to configure ZAP against well known vulnerable apps: www.zaproxy.org/docs/testapps/ Let @psiinon.bsky.social know if you have any feedback or specific requests

10.06.2025 15:06 β€” πŸ‘ 8    πŸ” 3    πŸ’¬ 0    πŸ“Œ 1
ZAP – Is My App Security Testable? The world’s most widely used web app scanner. Free and open source. ZAP is a community project actively maintained by a dedicated international team, and a GitHub Top 1000 project.

www.zaproxy.org/docs/getting...
#zaproxy #appsec

15.05.2025 13:15 β€” πŸ‘ 3    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0
Preview
ZAP Updates - April 2025 April 2025 updates and ongoing feature development statuses.

Heres what the ZAP team have been working on during April www.zaproxy.org/blog/2025-05...

06.05.2025 14:24 β€” πŸ‘ 7    πŸ” 2    πŸ’¬ 0    πŸ“Œ 0
Preview
ZAP Wins Inaugural DefectDojo Award for Open-Source Cybersecurity ZAP was recognised as being one of the best dynamic application security testing (DAST) Tools.

ZAP just won an award! Thanks DefectDojo!
www.zaproxy.org/blog/2025-04...
#zaproxy #appsec #award

22.04.2025 13:33 β€” πŸ‘ 6    πŸ” 2    πŸ’¬ 0    πŸ“Œ 0
Preview
PortSwigger Labs: Broken Brute-Force Protection, IP Block Walkthrough for the PortSwigger lab, β€œBroken brute-force protection, IP block”.

New ZAP blog post c/o Jemimah O www.zaproxy.org/blog/2025-04...
#zaproxy #appsec

09.04.2025 11:12 β€” πŸ‘ 1    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0
Preview
ZAP Updates - March 2025 We released 2.16.1 and made more authentication handling improvements.

The monthly ZAP Update Blog Post: www.zaproxy.org/blog/2025-04...
#zaproxy #appsec

02.04.2025 12:13 β€” πŸ‘ 2    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0
Preview
ZAP 2.16.1 ZAP 2.16.1 has just been released. This is a bug fix release, along with some minor enhancements

ZAP by Checkmarx 2.16.1 has just been released. This is a bug fix release, along with some minor enhancements.
See www.zaproxy.org/blog/2025-03...

25.03.2025 18:26 β€” πŸ‘ 4    πŸ” 2    πŸ’¬ 0    πŸ“Œ 0
Preview
ZAP Updates - February 2025 Authentication, authentication, authentication… And there will be a 2.16.1 release β€œsoon”.

The monthly ZAP Update Blog Post: www.zaproxy.org/blog/2025-03...
#zaproxy #appsec

03.03.2025 16:42 β€” πŸ‘ 2    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0
Solving Portswigger Lab File Path Traversal Simple Case with ZAP Video and explanation of How to Solve the Portswigger labs using ZAP, in this case: β€˜Path Traversal Simple Case’

A new guest blog post c/o Bash Bunny www.zaproxy.org/blog/2025-02...

27.02.2025 16:35 β€” πŸ‘ 3    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0
Slack Invite

There's now a ZAP Slack that's open to everyone. You can get an invite to it via zaproxy.org/slack/invite

24.02.2025 13:45 β€” πŸ‘ 8    πŸ” 6    πŸ’¬ 0    πŸ“Œ 0
ZAP Chat 20 Client Spider
YouTube video by ZAP ZAP Chat 20 Client Spider

youtu.be/OkELONAQyAY

04.02.2025 17:27 β€” πŸ‘ 3    πŸ” 3    πŸ’¬ 0    πŸ“Œ 0
Preview
The Client Spider We introduced a new Client Spider in ZAP 2.16.0, this blog post and video explain why we did that, how it works, and where it’s going

In ZAP 2.16.0 we introduced a new Client Spider πŸ•·οΈ. This blog post and video explain why we did that, how it works, and where it’s going.
www.zaproxy.org/blog/2025-01...
#zaproxy #appsec

31.01.2025 15:23 β€” πŸ‘ 7    πŸ” 4    πŸ’¬ 0    πŸ“Œ 0
ZAP Chat 19 Release 2.16.0
YouTube video by ZAP ZAP Chat 19 Release 2.16.0

Whats new in ZAP 2.16.0?

See the latest ZAP Chat video: youtu.be/o_IgsCaaQMo

21.01.2025 18:35 β€” πŸ‘ 2    πŸ” 2    πŸ’¬ 0    πŸ“Œ 0
Preview
ZAP 2.16.0 ZAP 2.16.0 has just been released. It includes a brand new spider, detachable tabs, policy definitions, and lots more…

ZAP by Checkmarx 2.16.0 has just been released. It includes a brand new spider, detachable tabs, policy definitions, and lots more...
See www.zaproxy.org/blog/2025-01...

10.01.2025 17:17 β€” πŸ‘ 19    πŸ” 8    πŸ’¬ 1    πŸ“Œ 0
ZAP – Download The world’s most widely used web app scanner. Free and open source. ZAP is a community project actively maintained by a dedicated international team, and a GitHub Top 1000 project.

Today’s ZAP weekly release is the new 2.16.0 Release Candidate: zaproxy.org/download/#we...
Please try it out and let @psiinon.bsky.social know how you get on with it!

31.12.2024 13:57 β€” πŸ‘ 4    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0
Preview
Use ZAP with Flagger in Kubernetes Learn how to integrate ZAP with Flagger in a Kubernetes cluster to scan the security of each new deployment.

How to ZAP with Flagger in @kubernetes.io
www.zaproxy.org/blog/2024-12...

30.12.2024 10:16 β€” πŸ‘ 10    πŸ” 6    πŸ’¬ 0    πŸ“Œ 0

We have decided to delay the ZAP 2.16 release until the New Year.
We will generate another weekly next week and then expect to release a new Release Candidate early next year.
Why? Because we have a very significant enhancement which we want to get into 2.16 πŸ˜€

20.12.2024 17:02 β€” πŸ‘ 6    πŸ” 2    πŸ’¬ 0    πŸ“Œ 0

@zaproxy.org is following 3 prominent accounts