dast-zap

Name: dast-zap
Rating: 5 (1 reviews)
Author: bg-szy

Dynamic application security testing (DAST) using OWASP ZAP (Zed Attack Proxy) with passive and active scanning, API testing, and OWASP Top 10 vulnerability detection. Use when: (1) Performing runtime security testing of web applications and APIs, (2) Detecting vulnerabilities like XSS, SQL injection, and authentication flaws in deployed applications, (3) Automating security scans in CI/CD pipelin

1stars

Updated 15 days ago

View on GitHub ↗

How to add

/plugin marketplace add bg-szy/TOP-SKILLS

The exact command may vary by repository. Check the README on GitHub.

For the skill author

Drop this on your repo README

Shows your skill is listed on Skillteca, generates a backlink and trackable traffic.

[![Listada na Skillteca](https://www.skillteca.com.br/api/badge/dast-zap-bg-szy/svg)](https://www.skillteca.com.br/skills/dast-zap-bg-szy?utm_source=badge&utm_medium=readme&utm_campaign=badge)

#sql #deploy #test #api

Related skills

See all in DevOps e Infra →

internal-comms

143.8k

Resources to assist in writing various internal communications, adhering to company-preferred formats. Claude should utilize this skill for status reports, leadership updates, newsletters, FAQs, and other internal documents.

DevOps e Infraby anthropics

babysit

79.7k

Monitors a pull request or review cycle until it is ready to merge. This skill is used to track PR comments, reviews, and CI status until all actionable issues are resolved.

DevOps e Infra#aiby thedotmack

do

79.7k

Execute a phased implementation plan using subagents. Use when asked to execute, run, or carry out a plan — especially one created by make-plan.

DevOps e Infra#aiby thedotmack

smart-explore

79.7k

Token-optimized structural code search using tree-sitter AST parsing. Use this instead of reading full files when you need to understand code structure, find functions, or explore a codebase efficiently.

DevOps e Infra#aiby thedotmack

Category alert

Get new DevOps e Infra skills every Monday

One short email with only the new DevOps e Infra skills. 4 minutes of reading, no spam, unsubscribe with one click.

You confirm your email on the first send. No spam. Unsubscribe with one click.

DAST with OWASP ZAP

Overview

OWASP ZAP (Zed Attack Proxy) is an open-source DAST tool that acts as a manipulator-in-the-middle proxy to intercept, inspect, and test web application traffic for security vulnerabilities. ZAP provides automated passive and active scanning, API testing capabilities, and seamless CI/CD integration for runtime security testing.

Quick Start

Baseline Scan (Docker)

Run a quick passive security scan:

docker run -t zaproxy/zap-stable zap-baseline.

[Description truncada. Veja o README completo no GitHub.]

ShareX LinkedIn

Comments · No comments

No comments yet. Be the first.