dast-workflow

Name: dast-workflow
Rating: 5 (4 reviews)
Author: roodlicht

Dynamic Application Security Testing workflow — OWASP ZAP automation (baseline/full/API scans), Burp Suite Professional playbooks, Burp Collaborator for out-of-band detection, auth-state orchestration, and CI integration with scope-safe active scanning.

4stars

Updated 20 days ago

View on GitHub ↗License: NOASSERTION

How to add

/plugin marketplace add roodlicht/accans-sec-skills

The exact command may vary by repository. Check the README on GitHub.

For the skill author

Drop this on your repo README

Shows your skill is listed on Skillteca, generates a backlink and trackable traffic.

[![Listada na Skillteca](https://www.skillteca.com.br/api/badge/dast-workflow/svg)](https://www.skillteca.com.br/skills/dast-workflow?utm_source=badge&utm_medium=readme&utm_campaign=badge)

#test #api

Related skills

See all in Automação →

MoneyPrinterTurbo

84.1k

利用AI大模型，一键生成高清短视频 Generate short videos with one click using AI LLM.

Automaçãoby harry0703

weather-svg-creator

55.6k

Creates an SVG weather card showing the current temperature for Dubai. Writes the SVG to orchestration-workflow/weather.svg and updates orchestration-workflow/output.md.

Automação#aiby shanraisshan

telegram-bot-builder

39.2k

Expert in building Telegram bots that solve real problems - from

Automação#github#gitby sickn33

segment-automation

39.2k

Automate Segment tasks via Rube MCP (Composio): track events, identify users, manage groups, page views, aliases, batch operations. Always search tools first for current schemas.

Automação#github#gitby sickn33

Category alert

Get new Automação skills every Monday

One short email with only the new Automação skills. 4 minutes of reading, no spam, unsubscribe with one click.

You confirm your email on the first send. No spam. Unsubscribe with one click.

DAST Workflow

When to use

DAST tests a running application from the outside. Where sast-orchestrator reads code, DAST sends HTTP requests and looks at response patterns. That covers runtime behaviour SAST doesn't see (auth flows, session handling, header config, reverse-proxy misconfig, DoS sensitivity).

Activates on:

A request like "set up ZAP against our staging", "run a baseline scan", "review this Burp output", "how does the scanner log in", "DAST in CI".
A new deployable envi

[Description truncada. Veja o README completo no GitHub.]

ShareX LinkedIn

Comments · No comments

No comments yet. Be the first.