Zap-Scripts - Zed Attack Proxy Scripts For Finding CVEs And Secrets

2 years ago 158
BOOK THIS SPACE FOR AD
ARTICLE AD

Zed Attack Proxy Scripts for finding CVEs and Secrets.

Building

This project uses Gradle to build the ZAP add-on, simply run:

in the main directory of the project, the add-on will be placed in the directory build/zapAddOn/bin/.

Usage

The easiest way to use this repo in ZAP is to add the directory to the scripts directory in ZAP (under Options -> Scripts).

however, you can also build the add on and install it (under File -> Load Addon File...).

License

This software is distributed under the MIT License.

Credits

The scripts under the active directory are mostly ported from the amazing nuclei-templates repository, so huge shoutout to projectdiscovery and the community.

secret-finder.js uses regex patterns from the awesome gitleaks project.

takeover-finder.js uses patterns from the awesome nuclei-templates repository.

LEGAL NOTICE

THIS SOFTWARE IS PROVIDED FOR EDUCATIONAL USE ONLY! IF YOU ENGAGE IN ANY ILLEGAL ACTIVITY THE AUTHOR DOES NOT TAKE ANY RESPONSIBILITY FOR IT. BY USING THIS SOFTWARE YOU AGREE WITH THESE TERMS.

Get Involved

Please, send us pull requests!

Zap-Scripts - Zed Attack Proxy Scripts For Finding CVEs And Secrets Zap-Scripts - Zed Attack Proxy Scripts For Finding CVEs And Secrets Reviewed by Zion3R on 5:30 PM Rating: 5

Read Entire Article