https://wiki.owasp.org/index.php?action=history&feed=atom&title=ZAPpingTheTop10-2013 ZAPpingTheTop10-2013 - Revision history 2026-04-08T19:33:14Z Revision history for this page on the wiki MediaWiki 1.27.2 https://wiki.owasp.org/index.php?title=ZAPpingTheTop10-2013&diff=236306&oldid=prev Rick.mitchell: Rick.mitchell moved page ZAPpingTheTop10 to ZAPpingTheTop10-2013: Prep for 2017 update 2017-12-18T14:25:15Z <p>Rick.mitchell moved page <a href="/index.php/ZAPpingTheTop10" title="ZAPpingTheTop10">ZAPpingTheTop10</a> to <a href="/index.php/ZAPpingTheTop10-2013" title="ZAPpingTheTop10-2013">ZAPpingTheTop10-2013</a>: Prep for 2017 update</p> <table class="diff diff-contentalign-left" data-mw="interface"> <tr style='vertical-align: top;' lang='en'> <td colspan='1' style="background-color: white; color:black; text-align: center;">← Older revision</td> <td colspan='1' style="background-color: white; color:black; text-align: center;">Revision as of 14:25, 18 December 2017</td> </tr><tr><td colspan='2' style='text-align: center;' lang='en'><div class="mw-diff-empty">(No difference)</div> </td></tr></table> Rick.mitchell https://wiki.owasp.org/index.php?title=ZAPpingTheTop10-2013&diff=234368&oldid=prev Rick.mitchell: Updated per https://github.com/zaproxy/zaproxy/issues/3883 2017-10-13T17:17:40Z <p>Updated per https://github.com/zaproxy/zaproxy/issues/3883</p> <table class="diff diff-contentalign-left" data-mw="interface"> <col class='diff-marker' /> <col class='diff-content' /> <col class='diff-marker' /> <col class='diff-content' /> <tr style='vertical-align: top;' lang='en'> <td colspan='2' style="background-color: white; color:black; text-align: center;">← Older revision</td> <td colspan='2' style="background-color: white; color:black; text-align: center;">Revision as of 17:17, 13 October 2017</td> </tr><tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l18" >Line 18:</td> <td colspan="2" class="diff-lineno">Line 18:</td></tr> <tr><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>&#160; &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Automated &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; SQLMap Injection Engine (Beta&lt;tt&gt;*&lt;/tt&gt;)&#160; &lt;/td&gt;&lt;/tr&gt;</div></td><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>&#160; &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Automated &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; SQLMap Injection Engine (Beta&lt;tt&gt;*&lt;/tt&gt;)&#160; &lt;/td&gt;&lt;/tr&gt;</div></td></tr> <tr><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>&#160; &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Manual &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; [https://github.com/zaproxy/zap-core-help/wiki/HelpStartConceptsFuzz Fuzzer], combined with the [https://github.com/zaproxy/zap-extensions/wiki/AddOn_fuzzdb FuzzDb (Release)]&lt;tt&gt;*&lt;/tt&gt; and SVN Digger (Beta)&lt;tt&gt;*&lt;/tt&gt; files &lt;/td&gt;&lt;/tr&gt;</div></td><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>&#160; &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Manual &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; [https://github.com/zaproxy/zap-core-help/wiki/HelpStartConceptsFuzz Fuzzer], combined with the [https://github.com/zaproxy/zap-extensions/wiki/AddOn_fuzzdb FuzzDb (Release)]&lt;tt&gt;*&lt;/tt&gt; and SVN Digger (Beta)&lt;tt&gt;*&lt;/tt&gt; files &lt;/td&gt;&lt;/tr&gt;</div></td></tr> <tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><del style="font-weight: bold; text-decoration: none;"> &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Manual &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Diviner (Alpha)&lt;tt&gt;*&lt;/tt&gt; &lt;/td&gt;&lt;/tr&gt;</del></div></td><td colspan="2">&#160;</td></tr> <tr><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td></tr> <tr><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>&#160; &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; &lt;font size=&quot;5&quot;&gt; A2 &lt;/font&gt; &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; &lt;font size=&quot;5&quot;&gt; [[Top_10_2013-A2-Broken_Authentication_and_Session_Management | A2 Broken Authentication and Session Management]]&lt;/font&gt; &lt;/td&gt;&lt;/tr&gt;</div></td><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>&#160; &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; &lt;font size=&quot;5&quot;&gt; A2 &lt;/font&gt; &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; &lt;font size=&quot;5&quot;&gt; [[Top_10_2013-A2-Broken_Authentication_and_Session_Management | A2 Broken Authentication and Session Management]]&lt;/font&gt; &lt;/td&gt;&lt;/tr&gt;</div></td></tr> <tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l25" >Line 25:</td> <td colspan="2" class="diff-lineno">Line 24:</td></tr> <tr><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>&#160; &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Manual &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; [https://github.com/zaproxy/zap-core-help/wiki/HelpAddonsBruteForceConcepts Forced Browse (Beta)] &lt;/td&gt;&lt;/tr&gt;</div></td><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>&#160; &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Manual &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; [https://github.com/zaproxy/zap-core-help/wiki/HelpAddonsBruteForceConcepts Forced Browse (Beta)] &lt;/td&gt;&lt;/tr&gt;</div></td></tr> <tr><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>&#160; &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Manual &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; [https://github.com/zaproxy/zap-extensions/wiki/AddOn_tokengen Token Generator (Beta)]&lt;tt&gt;*&lt;/tt&gt; &lt;/td&gt;&lt;/tr&gt;</div></td><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>&#160; &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Manual &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; [https://github.com/zaproxy/zap-extensions/wiki/AddOn_tokengen Token Generator (Beta)]&lt;tt&gt;*&lt;/tt&gt; &lt;/td&gt;&lt;/tr&gt;</div></td></tr> <tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><del style="font-weight: bold; text-decoration: none;"> &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Manual &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Diviner (Alpha)&lt;tt&gt;*&lt;/tt&gt; &lt;/td&gt;&lt;/tr&gt;</del></div></td><td colspan="2">&#160;</td></tr> <tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><del style="font-weight: bold; text-decoration: none;"> &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Manual &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Vehicle (Alpha)&lt;tt&gt;*&lt;/tt&gt; &lt;/td&gt;&lt;/tr&gt;</del></div></td><td colspan="2">&#160;</td></tr> <tr><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td></tr> <tr><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>&#160; &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; &lt;font size=&quot;5&quot;&gt; A3 &lt;/font&gt; &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; &lt;font size=&quot;5&quot;&gt;[[Top_10_2013-A3-Cross-Site_Scripting_(XSS) | A3 Cross-Site Scripting (XSS)]] &lt;/font&gt; &lt;/td&gt;&lt;/tr&gt;</div></td><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>&#160; &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; &lt;font size=&quot;5&quot;&gt; A3 &lt;/font&gt; &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; &lt;font size=&quot;5&quot;&gt;[[Top_10_2013-A3-Cross-Site_Scripting_(XSS) | A3 Cross-Site Scripting (XSS)]] &lt;/font&gt; &lt;/td&gt;&lt;/tr&gt;</div></td></tr> <tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l32" >Line 32:</td> <td colspan="2" class="diff-lineno">Line 29:</td></tr> <tr><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>&#160; &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Manual &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; [https://github.com/zaproxy/zap-core-help/wiki/HelpStartConceptsFuzz Fuzzer], combined with the [https://github.com/zaproxy/zap-extensions/wiki/AddOn_fuzzdb FuzzDb (Release)]&lt;tt&gt;*&lt;/tt&gt; and SVN Digger (Beta)&lt;tt&gt;*&lt;/tt&gt; files &lt;/td&gt;&lt;/tr&gt;</div></td><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>&#160; &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Manual &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; [https://github.com/zaproxy/zap-core-help/wiki/HelpStartConceptsFuzz Fuzzer], combined with the [https://github.com/zaproxy/zap-extensions/wiki/AddOn_fuzzdb FuzzDb (Release)]&lt;tt&gt;*&lt;/tt&gt; and SVN Digger (Beta)&lt;tt&gt;*&lt;/tt&gt; files &lt;/td&gt;&lt;/tr&gt;</div></td></tr> <tr><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>&#160; &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Manual &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; [https://github.com/zaproxy/zap-core-help/wiki/HelpAddonsPlugnhackPlugnhack Plug-n-Hack (Beta)] &lt;/td&gt;&lt;/tr&gt;</div></td><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>&#160; &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Manual &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; [https://github.com/zaproxy/zap-core-help/wiki/HelpAddonsPlugnhackPlugnhack Plug-n-Hack (Beta)] &lt;/td&gt;&lt;/tr&gt;</div></td></tr> <tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><del style="font-weight: bold; text-decoration: none;"> &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Manual &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Diviner (Alpha)&lt;tt&gt;*&lt;/tt&gt; &lt;/td&gt;&lt;/tr&gt;</del></div></td><td colspan="2">&#160;</td></tr> <tr><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td></tr> <tr><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>&#160; &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; &lt;font size=&quot;5&quot;&gt; A4 &lt;/font&gt; &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; &lt;font size=&quot;5&quot;&gt; [[Top_10_2013-A4-Insecure_Direct_Object_References | A4 Insecure Direct Object References]] &lt;/font&gt; &lt;/td&gt;&lt;/tr&gt;</div></td><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>&#160; &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; &lt;font size=&quot;5&quot;&gt; A4 &lt;/font&gt; &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; &lt;font size=&quot;5&quot;&gt; [[Top_10_2013-A4-Insecure_Direct_Object_References | A4 Insecure Direct Object References]] &lt;/font&gt; &lt;/td&gt;&lt;/tr&gt;</div></td></tr> <tr><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>&#160; &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Manual &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; [https://github.com/zaproxy/zap-core-help/wiki/HelpUiTabsParams Params tab] &lt;/td&gt;&lt;/tr&gt;</div></td><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>&#160; &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Manual &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; [https://github.com/zaproxy/zap-core-help/wiki/HelpUiTabsParams Params tab] &lt;/td&gt;&lt;/tr&gt;</div></td></tr> <tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><del style="font-weight: bold; text-decoration: none;"> &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Manual &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Diviner (Alpha)&lt;tt&gt;*&lt;/tt&gt; &lt;/td&gt;&lt;/tr&gt;</del></div></td><td colspan="2">&#160;</td></tr> <tr><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td></tr> <tr><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>&#160; &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; &lt;font size=&quot;5&quot;&gt; A5 &lt;/font&gt; &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; &lt;font size=&quot;5&quot;&gt; [[Top_10_2013-A5-Security_Misconfiguration | A5 Security Misconfiguration]] &lt;/font&gt; &lt;/td&gt;&lt;/tr&gt;</div></td><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>&#160; &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; &lt;font size=&quot;5&quot;&gt; A5 &lt;/font&gt; &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; &lt;font size=&quot;5&quot;&gt; [[Top_10_2013-A5-Security_Misconfiguration | A5 Security Misconfiguration]] &lt;/font&gt; &lt;/td&gt;&lt;/tr&gt;</div></td></tr> <tr><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>&#160; &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Automated &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; [https://github.com/zaproxy/zap-core-help/wiki/HelpStartConceptsAscan Active Scan Rules] ([https://github.com/zaproxy/zap-core-help/wiki/HelpAddonsAscanrulesAscanrules Release], [https://github.com/zaproxy/zap-extensions/wiki/HelpAddonsAscanrulesBetaAscanbeta Beta]&lt;tt&gt;*&lt;/tt&gt; and [https://github.com/zaproxy/zap-extensions/wiki/HelpAddonsAscanrulesAlphaAscanalpha Alpha]&lt;tt&gt;*&lt;/tt&gt;) &lt;/td&gt;&lt;/tr&gt;</div></td><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>&#160; &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Automated &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; [https://github.com/zaproxy/zap-core-help/wiki/HelpStartConceptsAscan Active Scan Rules] ([https://github.com/zaproxy/zap-core-help/wiki/HelpAddonsAscanrulesAscanrules Release], [https://github.com/zaproxy/zap-extensions/wiki/HelpAddonsAscanrulesBetaAscanbeta Beta]&lt;tt&gt;*&lt;/tt&gt; and [https://github.com/zaproxy/zap-extensions/wiki/HelpAddonsAscanrulesAlphaAscanalpha Alpha]&lt;tt&gt;*&lt;/tt&gt;) &lt;/td&gt;&lt;/tr&gt;</div></td></tr> <tr><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>&#160; &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Automated &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; [https://github.com/zaproxy/zap-core-help/wiki/HelpStartConceptsPscan Passive Scan Rules] ([https://github.com/zaproxy/zap-core-help/wiki/HelpAddonsPscanrulesPscanrules Release], [https://github.com/zaproxy/zap-extensions/wiki/HelpAddonsPscanrulesBetaPscanbeta Beta]&lt;tt&gt;*&lt;/tt&gt; and [https://github.com/zaproxy/zap-extensions/wiki/HelpAddonsPscanrulesAlphaPscanalpha Alpha]&lt;tt&gt;*&lt;/tt&gt;) &lt;/td&gt;&lt;/tr&gt;</div></td><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>&#160; &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Automated &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; [https://github.com/zaproxy/zap-core-help/wiki/HelpStartConceptsPscan Passive Scan Rules] ([https://github.com/zaproxy/zap-core-help/wiki/HelpAddonsPscanrulesPscanrules Release], [https://github.com/zaproxy/zap-extensions/wiki/HelpAddonsPscanrulesBetaPscanbeta Beta]&lt;tt&gt;*&lt;/tt&gt; and [https://github.com/zaproxy/zap-extensions/wiki/HelpAddonsPscanrulesAlphaPscanalpha Alpha]&lt;tt&gt;*&lt;/tt&gt;) &lt;/td&gt;&lt;/tr&gt;</div></td></tr> <tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>&#160; &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Manual &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; <del class="diffchange diffchange-inline">&lt;tt&gt;</del>HttpsInfo<del class="diffchange diffchange-inline">&lt;/tt&gt;&#160; </del>(Alpha)&lt;tt&gt;*&lt;/tt&gt; &lt;/td&gt;&lt;/tr&gt;</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>&#160; &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Manual &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; <ins class="diffchange diffchange-inline">[https://github.com/zaproxy/zap-extensions/wiki/HelpAddonsHttpsinfoHttpsinfo </ins>HttpsInfo (Alpha)<ins class="diffchange diffchange-inline">]</ins>&lt;tt&gt;*&lt;/tt&gt; &lt;/td&gt;&lt;/tr&gt;</div></td></tr> <tr><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>&#160; &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Manual &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; [https://github.com/zaproxy/zap-extensions/wiki/HelpAddonsPortscanConcepts Port Scanner (Beta)]&lt;tt&gt;*&lt;/tt&gt; &lt;/td&gt;&lt;/tr&gt;</div></td><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>&#160; &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Manual &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; [https://github.com/zaproxy/zap-extensions/wiki/HelpAddonsPortscanConcepts Port Scanner (Beta)]&lt;tt&gt;*&lt;/tt&gt; &lt;/td&gt;&lt;/tr&gt;</div></td></tr> <tr><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>&#160; &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Manual &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; [https://github.com/zaproxy/zap-extensions/wiki/HelpAddonsWappalyzerWappalyzer Technology detection (Alpha)]&lt;tt&gt;*&lt;/tt&gt; &lt;/td&gt;&lt;/tr&gt;</div></td><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>&#160; &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Manual &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; [https://github.com/zaproxy/zap-extensions/wiki/HelpAddonsWappalyzerWappalyzer Technology detection (Alpha)]&lt;tt&gt;*&lt;/tt&gt; &lt;/td&gt;&lt;/tr&gt;</div></td></tr> <tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l53" >Line 53:</td> <td colspan="2" class="diff-lineno">Line 48:</td></tr> <tr><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>&#160; &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Manual &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; [https://github.com/zaproxy/zap-core-help/wiki/HelpAddonsSpiderAjaxConcepts Ajax Spider (Beta)] &lt;/td&gt;&lt;/tr&gt;</div></td><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>&#160; &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Manual &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; [https://github.com/zaproxy/zap-core-help/wiki/HelpAddonsSpiderAjaxConcepts Ajax Spider (Beta)] &lt;/td&gt;&lt;/tr&gt;</div></td></tr> <tr><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>&#160; &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Manual &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; [https://github.com/zaproxy/zap-core-help/wiki/HelpUiTlmenuReport#Compare_with_another_Session... Session comparison] &lt;/td&gt;&lt;/tr&gt;</div></td><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>&#160; &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Manual &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; [https://github.com/zaproxy/zap-core-help/wiki/HelpUiTlmenuReport#Compare_with_another_Session... Session comparison] &lt;/td&gt;&lt;/tr&gt;</div></td></tr> <tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>&#160; &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Manual &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Access Control (<del class="diffchange diffchange-inline">Currently only available in Weekly release</del>) &lt;/td&gt;&lt;/tr&gt;</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>&#160; &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Manual &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; <ins class="diffchange diffchange-inline">[https://github.com/zaproxy/zap-extensions/wiki/HelpAddonsAccessControlConcepts </ins>Access Control (<ins class="diffchange diffchange-inline">Alpha</ins>)<ins class="diffchange diffchange-inline">] </ins>&lt;/td&gt;&lt;/tr&gt;</div></td></tr> <tr><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td></tr> <tr><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>&#160; &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; &lt;font size=&quot;5&quot;&gt; A8 &lt;/font&gt; &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; &lt;font size=&quot;5&quot;&gt; [[Top_10_2013-A8-Cross-Site_Request_Forgery_(CSRF) | A8 Cross-Site Request Forgery (CSRF)]] &lt;/font&gt; &lt;/td&gt;&lt;/tr&gt;</div></td><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>&#160; &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; &lt;font size=&quot;5&quot;&gt; A8 &lt;/font&gt; &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; &lt;font size=&quot;5&quot;&gt; [[Top_10_2013-A8-Cross-Site_Request_Forgery_(CSRF) | A8 Cross-Site Request Forgery (CSRF)]] &lt;/font&gt; &lt;/td&gt;&lt;/tr&gt;</div></td></tr> <tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l67" >Line 67:</td> <td colspan="2" class="diff-lineno">Line 62:</td></tr> <tr><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>&#160; &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Automated &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; [https://github.com/zaproxy/zap-core-help/wiki/HelpStartConceptsAscan Active Scan Rules] ([https://github.com/zaproxy/zap-core-help/wiki/HelpAddonsAscanrulesAscanrules Release]) &lt;/td&gt;&lt;/tr&gt;</div></td><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>&#160; &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Automated &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; [https://github.com/zaproxy/zap-core-help/wiki/HelpStartConceptsAscan Active Scan Rules] ([https://github.com/zaproxy/zap-core-help/wiki/HelpAddonsAscanrulesAscanrules Release]) &lt;/td&gt;&lt;/tr&gt;</div></td></tr> <tr><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>&#160; &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Manual &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; [https://github.com/zaproxy/zap-core-help/wiki/HelpStartConceptsFuzz Fuzzer], combined with the [https://github.com/zaproxy/zap-extensions/wiki/AddOn_fuzzdb FuzzDb (Release)]&lt;tt&gt;*&lt;/tt&gt; and SVN Digger (Beta)&lt;tt&gt;*&lt;/tt&gt; files &lt;/td&gt;&lt;/tr&gt;</div></td><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>&#160; &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Manual &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; [https://github.com/zaproxy/zap-core-help/wiki/HelpStartConceptsFuzz Fuzzer], combined with the [https://github.com/zaproxy/zap-extensions/wiki/AddOn_fuzzdb FuzzDb (Release)]&lt;tt&gt;*&lt;/tt&gt; and SVN Digger (Beta)&lt;tt&gt;*&lt;/tt&gt; files &lt;/td&gt;&lt;/tr&gt;</div></td></tr> <tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><del style="font-weight: bold; text-decoration: none;"> &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Manual &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Diviner (Alpha)&lt;tt&gt;*&lt;/tt&gt; &lt;/td&gt;&lt;/tr&gt;</del></div></td><td colspan="2">&#160;</td></tr> <tr><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>&#160; &lt;/table&gt;</div></td><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>&#160; &lt;/table&gt;</div></td></tr> <tr><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td></tr> <tr><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>&lt;tt&gt;*&lt;/tt&gt; The stared add-ons are not included by default in the full ZAP release but can be downloaded from the ZAP Marketplace via the [https://github.com/zaproxy/zap-extensions/wiki/Introduction ‘Manage add-ons’] button on the ZAP main toolbar. &lt;/p&gt;</div></td><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>&lt;tt&gt;*&lt;/tt&gt; The stared add-ons are not included by default in the full ZAP release but can be downloaded from the ZAP Marketplace via the [https://github.com/zaproxy/zap-extensions/wiki/Introduction ‘Manage add-ons’] button on the ZAP main toolbar. &lt;/p&gt;</div></td></tr> </table> Rick.mitchell https://wiki.owasp.org/index.php?title=ZAPpingTheTop10-2013&diff=196304&oldid=prev Psiinon: Updated links to point to github 2015-06-18T08:51:34Z <p>Updated links to point to github</p> <a href="https://wiki.owasp.org/index.php?title=ZAPpingTheTop10-2013&amp;diff=196304&amp;oldid=186028">Show changes</a> Psiinon https://wiki.owasp.org/index.php?title=ZAPpingTheTop10-2013&diff=186028&oldid=prev Psiinon at 11:19, 26 November 2014 2014-11-26T11:19:39Z <p></p> <table class="diff diff-contentalign-left" data-mw="interface"> <col class='diff-marker' /> <col class='diff-content' /> <col class='diff-marker' /> <col class='diff-content' /> <tr style='vertical-align: top;' lang='en'> <td colspan='2' style="background-color: white; color:black; text-align: center;">← Older revision</td> <td colspan='2' style="background-color: white; color:black; text-align: center;">Revision as of 11:19, 26 November 2014</td> </tr><tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l61" >Line 61:</td> <td colspan="2" class="diff-lineno">Line 61:</td></tr> <tr><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td></tr> <tr><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>&#160; &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; &lt;font size=&quot;5&quot;&gt; A9 &lt;/font&gt; &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; &lt;font size=&quot;5&quot;&gt; [[Top_10_2013-A9-Using_Components_with_Known_Vulnerabilities | A9 Using Components with Known Vulnerabilities]] &lt;/font&gt; &lt;/td&gt;&lt;/tr&gt;</div></td><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>&#160; &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; &lt;font size=&quot;5&quot;&gt; A9 &lt;/font&gt; &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; &lt;font size=&quot;5&quot;&gt; [[Top_10_2013-A9-Using_Components_with_Known_Vulnerabilities | A9 Using Components with Known Vulnerabilities]] &lt;/font&gt; &lt;/td&gt;&lt;/tr&gt;</div></td></tr> <tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>&#160; &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Automated &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; [https://code.google.com/p/zaproxy/wiki/HelpStartConceptsPscan Passive Scan Rules] ([https://code.google.com/p/zap-extensions/wiki/HelpAddonsPscanrulesAlphaPscanalpha Alpha])&lt;tt&gt;*&lt;/tt&gt; &lt;/td&gt;&lt;/tr&gt;</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>&#160; &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Automated &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; [https://code.google.com/p/zaproxy/wiki/HelpStartConceptsPscan Passive Scan Rules] ([https://code.google.com/p/zap-extensions/wiki/HelpAddonsPscanrulesAlphaPscanalpha Alpha]<ins class="diffchange diffchange-inline">)&lt;tt&gt;*&lt;/tt&gt; and Retire (Alpha</ins>)&lt;tt&gt;*&lt;/tt&gt; &lt;/td&gt;&lt;/tr&gt;</div></td></tr> <tr><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>&#160; &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Manual &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; [https://code.google.com/p/zap-extensions/wiki/HelpAddonsWappalyzerWappalyzer Technology detection (Alpha)]&lt;tt&gt;*&lt;/tt&gt; &lt;/td&gt;&lt;/tr&gt;</div></td><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>&#160; &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Manual &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; [https://code.google.com/p/zap-extensions/wiki/HelpAddonsWappalyzerWappalyzer Technology detection (Alpha)]&lt;tt&gt;*&lt;/tt&gt; &lt;/td&gt;&lt;/tr&gt;</div></td></tr> <tr><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td></tr> </table> Psiinon https://wiki.owasp.org/index.php?title=ZAPpingTheTop10-2013&diff=181347&oldid=prev Rick.mitchell at 14:43, 28 August 2014 2014-08-28T14:43:06Z <p></p> <table class="diff diff-contentalign-left" data-mw="interface"> <col class='diff-marker' /> <col class='diff-content' /> <col class='diff-marker' /> <col class='diff-content' /> <tr style='vertical-align: top;' lang='en'> <td colspan='2' style="background-color: white; color:black; text-align: center;">← Older revision</td> <td colspan='2' style="background-color: white; color:black; text-align: center;">Revision as of 14:43, 28 August 2014</td> </tr><tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l7" >Line 7:</td> <td colspan="2" class="diff-lineno">Line 7:</td></tr> <tr><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td></tr> <tr><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>&lt;table class=&quot;wikitable&quot;&gt;</div></td><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>&lt;table class=&quot;wikitable&quot;&gt;</div></td></tr> <tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>&lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; &lt;font size=&quot;5&quot;&gt; &lt;/font&gt; &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; &lt;font size=&quot;5&quot;&gt; Common <del class="diffchange diffchange-inline">components </del>&lt;/font&gt; &lt;/td&gt;&lt;/tr&gt;</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>&lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; &lt;font size=&quot;5&quot;&gt; &lt;/font&gt; &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; &lt;font size=&quot;5&quot;&gt; Common <ins class="diffchange diffchange-inline">Components </ins>&lt;/font&gt; &lt;/td&gt;&lt;/tr&gt;</div></td></tr> <tr><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>&lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; The &amp;#x27;common components&amp;#x27; can be used for pretty much everything, so can be used to help detect all of the Top 10&#160; &lt;/td&gt;&lt;/tr&gt;</div></td><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>&lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; The &amp;#x27;common components&amp;#x27; can be used for pretty much everything, so can be used to help detect all of the Top 10&#160; &lt;/td&gt;&lt;/tr&gt;</div></td></tr> <tr><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>&lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Manual &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; [https://code.google.com/p/zaproxy/wiki/HelpStartConceptsIntercept Intercepting proxy] &lt;/td&gt;&lt;/tr&gt;</div></td><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>&lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Manual &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; [https://code.google.com/p/zaproxy/wiki/HelpStartConceptsIntercept Intercepting proxy] &lt;/td&gt;&lt;/tr&gt;</div></td></tr> </table> Rick.mitchell https://wiki.owasp.org/index.php?title=ZAPpingTheTop10-2013&diff=181346&oldid=prev Psiinon at 14:00, 28 August 2014 2014-08-28T14:00:42Z <p></p> <table class="diff diff-contentalign-left" data-mw="interface"> <col class='diff-marker' /> <col class='diff-content' /> <col class='diff-marker' /> <col class='diff-content' /> <tr style='vertical-align: top;' lang='en'> <td colspan='2' style="background-color: white; color:black; text-align: center;">← Older revision</td> <td colspan='2' style="background-color: white; color:black; text-align: center;">Revision as of 14:00, 28 August 2014</td> </tr><tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l3" >Line 3:</td> <td colspan="2" class="diff-lineno">Line 3:</td></tr> <tr><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>&lt;p&gt;This document gives an overview of the automatic and manual components provided by the [[OWASP Zed Attack Proxy Project ]] (ZAP) that are recommended for testing each of the [[OWASP Top Ten Project]] 2013 risks. &#160;</div></td><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>&lt;p&gt;This document gives an overview of the automatic and manual components provided by the [[OWASP Zed Attack Proxy Project ]] (ZAP) that are recommended for testing each of the [[OWASP Top Ten Project]] 2013 risks. &#160;</div></td></tr> <tr><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td></tr> <tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>&lt;/p&gt;&lt;p&gt;Note that the [[OWASP Top Ten Project]] risks cover a wide range of underlying vulnerabilities, some of which are not really possible to test for in a completely automated way. If a completely automated tool claims to protect you against the full OWASP Top Ten then you can be sure they are being ‘economical with the truth’! &lt;/p&gt;&lt;p&gt;A printable (pdf) version of this document <del class="diffchange diffchange-inline">can be downloaded </del>[<del class="diffchange diffchange-inline">http</del>://<del class="diffchange diffchange-inline">sourceforge</del>.<del class="diffchange diffchange-inline">net</del>/<del class="diffchange diffchange-inline">projects/zaproxy/files/docs</del>/ZAPpingTheOwaspTop10.pdf<del class="diffchange diffchange-inline">/download here</del>] &lt;/p&gt;&lt;p&gt;</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>&lt;/p&gt;&lt;p&gt;Note that the [[OWASP Top Ten Project]] risks cover a wide range of underlying vulnerabilities, some of which are not really possible to test for in a completely automated way. If a completely automated tool claims to protect you against the full OWASP Top Ten then you can be sure they are being ‘economical with the truth’! &lt;/p&gt;&lt;p&gt;A printable (pdf) version of this document <ins class="diffchange diffchange-inline">is also available: </ins>[<ins class="diffchange diffchange-inline">https</ins>://<ins class="diffchange diffchange-inline">www</ins>.<ins class="diffchange diffchange-inline">owasp.org</ins>/<ins class="diffchange diffchange-inline">index.php</ins>/<ins class="diffchange diffchange-inline">File:ZAPpingTheOwaspTop10.pdf </ins>ZAPpingTheOwaspTop10.pdf] &lt;/p&gt;&lt;p&gt;</div></td></tr> <tr><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>The component links take you to the relevant places in an online version of the ZAP User Guide from which you can learn more.</div></td><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>The component links take you to the relevant places in an online version of the ZAP User Guide from which you can learn more.</div></td></tr> <tr><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'>&#160;</td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td></tr> </table> Psiinon https://wiki.owasp.org/index.php?title=ZAPpingTheTop10-2013&diff=181343&oldid=prev Psiinon: Created page with "= ZAPping the OWASP Top 10 = <p>This document gives an overview of the automatic and manual components provided by the OWASP Zed Attack Proxy Project (ZAP) that are reco..." 2014-08-28T11:15:01Z <p>Created page with &quot;= ZAPping the OWASP Top 10 = &lt;p&gt;This document gives an overview of the automatic and manual components provided by the <a href="/index.php/OWASP_Zed_Attack_Proxy_Project" title="OWASP Zed Attack Proxy Project">OWASP Zed Attack Proxy Project </a> (ZAP) that are reco...&quot;</p> <p><b>New page</b></p><div>= ZAPping the OWASP Top 10 =<br /> <br /> &lt;p&gt;This document gives an overview of the automatic and manual components provided by the [[OWASP Zed Attack Proxy Project ]] (ZAP) that are recommended for testing each of the [[OWASP Top Ten Project]] 2013 risks. <br /> <br /> &lt;/p&gt;&lt;p&gt;Note that the [[OWASP Top Ten Project]] risks cover a wide range of underlying vulnerabilities, some of which are not really possible to test for in a completely automated way. If a completely automated tool claims to protect you against the full OWASP Top Ten then you can be sure they are being ‘economical with the truth’! &lt;/p&gt;&lt;p&gt;A printable (pdf) version of this document can be downloaded [http://sourceforge.net/projects/zaproxy/files/docs/ZAPpingTheOwaspTop10.pdf/download here] &lt;/p&gt;&lt;p&gt;<br /> The component links take you to the relevant places in an online version of the ZAP User Guide from which you can learn more.<br /> <br /> &lt;table class=&quot;wikitable&quot;&gt;<br /> &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; &lt;font size=&quot;5&quot;&gt; &lt;/font&gt; &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; &lt;font size=&quot;5&quot;&gt; Common components &lt;/font&gt; &lt;/td&gt;&lt;/tr&gt;<br /> &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; The &amp;#x27;common components&amp;#x27; can be used for pretty much everything, so can be used to help detect all of the Top 10 &lt;/td&gt;&lt;/tr&gt;<br /> &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Manual &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; [https://code.google.com/p/zaproxy/wiki/HelpStartConceptsIntercept Intercepting proxy] &lt;/td&gt;&lt;/tr&gt;<br /> &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Manual &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; [https://code.google.com/p/zaproxy/wiki/HelpUiDialogsMan_req Manual request] / [https://code.google.com/p/zaproxy/wiki/HelpUiDialogsResend resend] &lt;/td&gt;&lt;/tr&gt;<br /> &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Manual &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; [https://code.google.com/p/zaproxy/wiki/HelpAddonsScriptsScripts Scripts] &lt;/td&gt;&lt;/tr&gt;<br /> &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Manual &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; [https://code.google.com/p/zaproxy/wiki/HelpUiTabsSearch Search] &lt;/td&gt;&lt;/tr&gt;<br /> <br /> &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; &lt;font size=&quot;5&quot;&gt; A1 &lt;/font&gt; &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; &lt;font size=&quot;5&quot;&gt; [[Top_10_2013-A1-Injection | A1 Injection]] &lt;/font&gt; &lt;/td&gt;&lt;/tr&gt;<br /> &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Automated &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; [https://code.google.com/p/zaproxy/wiki/HelpStartConceptsAscan Active Scan Rules] ([https://code.google.com/p/zaproxy/wiki/HelpAddonsAscanrulesAscanrules Release], [https://code.google.com/p/zap-extensions/wiki/HelpAddonsAscanrulesBetaAscanbeta Beta]&lt;tt&gt;*&lt;/tt&gt; and [https://code.google.com/p/zap-extensions/wiki/HelpAddonsAscanrulesAlphaAscanalpha Alpha]&lt;tt&gt;*&lt;/tt&gt;) &lt;/td&gt;&lt;/tr&gt;<br /> &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Automated &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; SQLMap Injection Engine (Beta&lt;tt&gt;*&lt;/tt&gt;) &lt;/td&gt;&lt;/tr&gt;<br /> &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Manual &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; [https://code.google.com/p/zaproxy/wiki/HelpStartConceptsFuzz Fuzzer], combined with the [https://code.google.com/p/zap-extensions/wiki/AddOn_fuzzdb FuzzDb (Release)]&lt;tt&gt;*&lt;/tt&gt; and SVN Digger (Beta)&lt;tt&gt;*&lt;/tt&gt; files &lt;/td&gt;&lt;/tr&gt;<br /> &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Manual &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Diviner (Alpha)&lt;tt&gt;*&lt;/tt&gt; &lt;/td&gt;&lt;/tr&gt;<br /> <br /> &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; &lt;font size=&quot;5&quot;&gt; A2 &lt;/font&gt; &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; &lt;font size=&quot;5&quot;&gt; [[Top_10_2013-A2-Broken_Authentication_and_Session_Management | A2 Broken Authentication and Session Management]]&lt;/font&gt; &lt;/td&gt;&lt;/tr&gt;<br /> &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Manual &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; [https://code.google.com/p/zaproxy/wiki/HelpStartConceptsHttpsessions Http Sessions] &lt;/td&gt;&lt;/tr&gt;<br /> &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Manual &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; [https://code.google.com/p/zaproxy/wiki/HelpStartConceptsSpider Spider] &lt;/td&gt;&lt;/tr&gt;<br /> &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Manual &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; [https://code.google.com/p/zaproxy/wiki/HelpAddonsBruteForceConcepts Forced Browse (Beta)] &lt;/td&gt;&lt;/tr&gt;<br /> &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Manual &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; [https://code.google.com/p/zap-extensions/wiki/AddOn_tokengen Token Generator (Beta)]&lt;tt&gt;*&lt;/tt&gt; &lt;/td&gt;&lt;/tr&gt;<br /> &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Manual &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Diviner (Alpha)&lt;tt&gt;*&lt;/tt&gt; &lt;/td&gt;&lt;/tr&gt;<br /> &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Manual &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Vehicle (Alpha)&lt;tt&gt;*&lt;/tt&gt; &lt;/td&gt;&lt;/tr&gt;<br /> <br /> &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; &lt;font size=&quot;5&quot;&gt; A3 &lt;/font&gt; &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; &lt;font size=&quot;5&quot;&gt;[[Top_10_2013-A3-Cross-Site_Scripting_(XSS) | A3 Cross-Site Scripting (XSS)]] &lt;/font&gt; &lt;/td&gt;&lt;/tr&gt;<br /> &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Automated &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; [https://code.google.com/p/zaproxy/wiki/HelpStartConceptsAscan Active Scan Rules] ([https://code.google.com/p/zaproxy/wiki/HelpAddonsAscanrulesAscanrules Release]) &lt;/td&gt;&lt;/tr&gt;<br /> &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Manual &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; [https://code.google.com/p/zaproxy/wiki/HelpStartConceptsFuzz Fuzzer], combined with the [https://code.google.com/p/zap-extensions/wiki/AddOn_fuzzdb FuzzDb (Release)]&lt;tt&gt;*&lt;/tt&gt; and SVN Digger (Beta)&lt;tt&gt;*&lt;/tt&gt; files &lt;/td&gt;&lt;/tr&gt;<br /> &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Manual &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; [https://code.google.com/p/zaproxy/wiki/HelpAddonsPlugnhackPlugnhack Plug-n-Hack (Beta)] &lt;/td&gt;&lt;/tr&gt;<br /> &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Manual &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Diviner (Alpha)&lt;tt&gt;*&lt;/tt&gt; &lt;/td&gt;&lt;/tr&gt;<br /> <br /> &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; &lt;font size=&quot;5&quot;&gt; A4 &lt;/font&gt; &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; &lt;font size=&quot;5&quot;&gt; [[Top_10_2013-A4-Insecure_Direct_Object_References | A4 Insecure Direct Object References]] &lt;/font&gt; &lt;/td&gt;&lt;/tr&gt;<br /> &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Manual &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; [https://code.google.com/p/zaproxy/wiki/HelpUiTabsParams Params tab] &lt;/td&gt;&lt;/tr&gt;<br /> &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Manual &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Diviner (Alpha)&lt;tt&gt;*&lt;/tt&gt; &lt;/td&gt;&lt;/tr&gt;<br /> <br /> &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; &lt;font size=&quot;5&quot;&gt; A5 &lt;/font&gt; &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; &lt;font size=&quot;5&quot;&gt; [[Top_10_2013-A5-Security_Misconfiguration | A5 Security Misconfiguration]] &lt;/font&gt; &lt;/td&gt;&lt;/tr&gt;<br /> &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Automated &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; [https://code.google.com/p/zaproxy/wiki/HelpStartConceptsAscan Active Scan Rules] ([https://code.google.com/p/zaproxy/wiki/HelpAddonsAscanrulesAscanrules Release], [https://code.google.com/p/zap-extensions/wiki/HelpAddonsAscanrulesBetaAscanbeta Beta]&lt;tt&gt;*&lt;/tt&gt; and [https://code.google.com/p/zap-extensions/wiki/HelpAddonsAscanrulesAlphaAscanalpha Alpha]&lt;tt&gt;*&lt;/tt&gt;) &lt;/td&gt;&lt;/tr&gt;<br /> &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Automated &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; [https://code.google.com/p/zaproxy/wiki/HelpStartConceptsPscan Passive Scan Rules] ([https://code.google.com/p/zaproxy/wiki/HelpAddonsPscanrulesPscanrules Release], [https://code.google.com/p/zap-extensions/wiki/HelpAddonsPscanrulesBetaPscanbeta Beta]&lt;tt&gt;*&lt;/tt&gt; and [https://code.google.com/p/zap-extensions/wiki/HelpAddonsPscanrulesAlphaPscanalpha Alpha]&lt;tt&gt;*&lt;/tt&gt;) &lt;/td&gt;&lt;/tr&gt;<br /> &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Manual &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; &lt;tt&gt;HttpsInfo&lt;/tt&gt; (Alpha)&lt;tt&gt;*&lt;/tt&gt; &lt;/td&gt;&lt;/tr&gt;<br /> &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Manual &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; [https://code.google.com/p/zap-extensions/wiki/HelpAddonsPortscanConcepts Port Scanner (Beta)]&lt;tt&gt;*&lt;/tt&gt; &lt;/td&gt;&lt;/tr&gt;<br /> &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Manual &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; [https://code.google.com/p/zap-extensions/wiki/HelpAddonsWappalyzerWappalyzer Technology detection (Alpha)]&lt;tt&gt;*&lt;/tt&gt; &lt;/td&gt;&lt;/tr&gt;<br /> <br /> &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; &lt;font size=&quot;5&quot;&gt; A6 &lt;/font&gt; &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; &lt;font size=&quot;5&quot;&gt; [[Top_10_2013-A6-Sensitive_Data_Exposure | A6 Sensitive Data Exposure]] &lt;/font&gt; &lt;/td&gt;&lt;/tr&gt;<br /> &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Automated &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; [https://code.google.com/p/zaproxy/wiki/HelpStartConceptsAscan Active Scan Rules] ([https://code.google.com/p/zaproxy/wiki/HelpAddonsAscanrulesAscanrules Release], [https://code.google.com/p/zap-extensions/wiki/HelpAddonsAscanrulesBetaAscanbeta Beta]&lt;tt&gt;*&lt;/tt&gt; and [https://code.google.com/p/zap-extensions/wiki/HelpAddonsAscanrulesAlphaAscanalpha Alpha]&lt;tt&gt;*&lt;/tt&gt;) &lt;/td&gt;&lt;/tr&gt;<br /> &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Automated &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; [https://code.google.com/p/zaproxy/wiki/HelpStartConceptsPscan Passive Scan Rules] ([https://code.google.com/p/zaproxy/wiki/HelpAddonsPscanrulesPscanrules Release], [https://code.google.com/p/zap-extensions/wiki/HelpAddonsPscanrulesBetaPscanbeta Beta]&lt;tt&gt;*&lt;/tt&gt; and [https://code.google.com/p/zap-extensions/wiki/HelpAddonsPscanrulesAlphaPscanalpha Alpha]&lt;tt&gt;*&lt;/tt&gt;) &lt;/td&gt;&lt;/tr&gt;<br /> <br /> &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; &lt;font size=&quot;5&quot;&gt; A7 &lt;/font&gt; &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; &lt;font size=&quot;5&quot;&gt; [[Top_10_2013-A7-Missing_Function_Level_Access_Control | A7 Missing Function Level Access Control]] &lt;/font&gt; &lt;/td&gt;&lt;/tr&gt;<br /> &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Manual &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; [https://code.google.com/p/zaproxy/wiki/HelpStartConceptsSpider Spider] &lt;/td&gt;&lt;/tr&gt;<br /> &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Manual &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; [https://code.google.com/p/zaproxy/wiki/HelpAddonsSpiderAjaxConcepts Ajax Spider (Beta)] &lt;/td&gt;&lt;/tr&gt;<br /> &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Manual &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; [https://code.google.com/p/zaproxy/wiki/HelpUiTlmenuReport#Compare_with_another_Session... Session comparison] &lt;/td&gt;&lt;/tr&gt;<br /> &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Manual &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Access Control (Currently only available in Weekly release) &lt;/td&gt;&lt;/tr&gt;<br /> <br /> &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; &lt;font size=&quot;5&quot;&gt; A8 &lt;/font&gt; &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; &lt;font size=&quot;5&quot;&gt; [[Top_10_2013-A8-Cross-Site_Request_Forgery_(CSRF) | A8 Cross-Site Request Forgery (CSRF)]] &lt;/font&gt; &lt;/td&gt;&lt;/tr&gt;<br /> &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Automated &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; [https://code.google.com/p/zaproxy/wiki/HelpStartConceptsAscan Active Scan Rules] ([https://code.google.com/p/zap-extensions/wiki/HelpAddonsAscanrulesBetaAscanbeta Beta])&lt;tt&gt;*&lt;/tt&gt; &lt;/td&gt;&lt;/tr&gt;<br /> &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Automated &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; [https://code.google.com/p/zaproxy/wiki/HelpStartConceptsPscan Passive Scan Rules] ([https://code.google.com/p/zap-extensions/wiki/HelpAddonsPscanrulesBetaPscanbeta Beta])&lt;tt&gt;*&lt;/tt&gt; &lt;/td&gt;&lt;/tr&gt;<br /> &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Manual &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; [https://code.google.com/p/zaproxy/wiki/HelpUiTabsSites#Generate_anti_CSRF_test_form Generate Anti CSRF Test Form] &lt;/td&gt;&lt;/tr&gt;<br /> <br /> &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; &lt;font size=&quot;5&quot;&gt; A9 &lt;/font&gt; &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; &lt;font size=&quot;5&quot;&gt; [[Top_10_2013-A9-Using_Components_with_Known_Vulnerabilities | A9 Using Components with Known Vulnerabilities]] &lt;/font&gt; &lt;/td&gt;&lt;/tr&gt;<br /> &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Automated &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; [https://code.google.com/p/zaproxy/wiki/HelpStartConceptsPscan Passive Scan Rules] ([https://code.google.com/p/zap-extensions/wiki/HelpAddonsPscanrulesAlphaPscanalpha Alpha])&lt;tt&gt;*&lt;/tt&gt; &lt;/td&gt;&lt;/tr&gt;<br /> &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Manual &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; [https://code.google.com/p/zap-extensions/wiki/HelpAddonsWappalyzerWappalyzer Technology detection (Alpha)]&lt;tt&gt;*&lt;/tt&gt; &lt;/td&gt;&lt;/tr&gt;<br /> <br /> &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; &lt;font size=&quot;5&quot;&gt; A10 &lt;/font&gt; &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; &lt;font size=&quot;5&quot;&gt; [[Top_10_2013-A10-Unvalidated_Redirects_and_Forwards | A10 Unvalidated Redirects and Forwards]] &lt;/font&gt; &lt;/td&gt;&lt;/tr&gt;<br /> &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Automated &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; [https://code.google.com/p/zaproxy/wiki/HelpStartConceptsAscan Active Scan Rules] ([https://code.google.com/p/zaproxy/wiki/HelpAddonsAscanrulesAscanrules Release]) &lt;/td&gt;&lt;/tr&gt;<br /> &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Manual &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; [https://code.google.com/p/zaproxy/wiki/HelpStartConceptsFuzz Fuzzer], combined with the [https://code.google.com/p/zap-extensions/wiki/AddOn_fuzzdb FuzzDb (Release)]&lt;tt&gt;*&lt;/tt&gt; and SVN Digger (Beta)&lt;tt&gt;*&lt;/tt&gt; files &lt;/td&gt;&lt;/tr&gt;<br /> &lt;tr&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Manual &lt;/td&gt;&lt;td style=&quot;border: 1px solid #ccc; padding: 5px;&quot;&gt; Diviner (Alpha)&lt;tt&gt;*&lt;/tt&gt; &lt;/td&gt;&lt;/tr&gt;<br /> &lt;/table&gt;<br /> <br /> &lt;tt&gt;*&lt;/tt&gt; The stared add-ons are not included by default in the full ZAP release but can be downloaded from the ZAP Marketplace via the [https://code.google.com/p/zap-extensions/wiki/Introduction ‘Manage add-ons’] button on the ZAP main toolbar. &lt;/p&gt;</div> Psiinon