Skip to content

Commit

Permalink
Merge pull request #1622 from zapbot/update-site-content
Browse files Browse the repository at this point in the history 
Update site content
  • Loading branch information
@thc202
thc202 authored Dec 23, 2024
2 parents 343a142 + 7c9b85a commit 3185f7c
Show file tree
Hide file tree
Showing 14 changed files with 387 additions and 199 deletions.
30 changes: 15 additions & 15 deletions addons/index.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -823,7 +823,7 @@ <h1 class="text--white">ZAP Marketplace</h1>
<a class="no-border" title="Repository" href="https://github.com/zaproxy/zap-extensions/" target="_blank" rel="noopener noreferrer"><img alt="Repository" src="/img/addons/source.png" /></a>


<a class="no-border" title="Download" href="https://github.com/zaproxy/zap-extensions/releases/download/commonlib-v1.28.0/commonlib-release-1.28.0.zap" target="_blank" rel="noopener noreferrer"><img alt="Download" src="/img/addons/download.png" /></a>
<a class="no-border" title="Download" href="https://github.com/zaproxy/zap-extensions/releases/download/commonlib-v1.29.0/commonlib-release-1.29.0.zap" target="_blank" rel="noopener noreferrer"><img alt="Download" src="/img/addons/download.png" /></a>



Expand All @@ -836,7 +836,7 @@ <h1 class="text--white">ZAP Marketplace</h1>
commonlib
</td>
<td align="center">
1.28.0
1.29.0
</td>
<td >
release
Expand All @@ -845,7 +845,7 @@ <h1 class="text--white">ZAP Marketplace</h1>
ZAP Dev Team
</td>
<td align="center">
2024-09-24
2024-12-23
</td>
</tr>

Expand Down Expand Up @@ -1165,7 +1165,7 @@ <h1 class="text--white">ZAP Marketplace</h1>
<a class="no-border" title="Repository" href="https://github.com/zaproxy/zap-extensions/" target="_blank" rel="noopener noreferrer"><img alt="Repository" src="/img/addons/source.png" /></a>


<a class="no-border" title="Download" href="https://github.com/zaproxy/zap-extensions/releases/download/domxss-v19/domxss-release-19.zap" target="_blank" rel="noopener noreferrer"><img alt="Download" src="/img/addons/download.png" /></a>
<a class="no-border" title="Download" href="https://github.com/zaproxy/zap-extensions/releases/download/domxss-v20/domxss-release-20.zap" target="_blank" rel="noopener noreferrer"><img alt="Download" src="/img/addons/download.png" /></a>



Expand All @@ -1178,7 +1178,7 @@ <h1 class="text--white">ZAP Marketplace</h1>
domxss
</td>
<td align="center">
19
20
</td>
<td >
release
Expand All @@ -1187,7 +1187,7 @@ <h1 class="text--white">ZAP Marketplace</h1>
Aabha Biyani, ZAP Dev Team
</td>
<td align="center">
2024-05-07
2024-12-23
</td>
</tr>

Expand Down Expand Up @@ -2515,7 +2515,7 @@ <h1 class="text--white">ZAP Marketplace</h1>
<a class="no-border" title="Repository" href="https://github.com/zaproxy/zap-extensions/" target="_blank" rel="noopener noreferrer"><img alt="Repository" src="/img/addons/source.png" /></a>


<a class="no-border" title="Download" href="https://github.com/zaproxy/zap-extensions/releases/download/network-v0.18.0/network-beta-0.18.0.zap" target="_blank" rel="noopener noreferrer"><img alt="Download" src="/img/addons/download.png" /></a>
<a class="no-border" title="Download" href="https://github.com/zaproxy/zap-extensions/releases/download/network-v0.19.0/network-beta-0.19.0.zap" target="_blank" rel="noopener noreferrer"><img alt="Download" src="/img/addons/download.png" /></a>



Expand All @@ -2528,7 +2528,7 @@ <h1 class="text--white">ZAP Marketplace</h1>
network
</td>
<td align="center">
0.18.0
0.19.0
</td>
<td >
beta
Expand All @@ -2537,7 +2537,7 @@ <h1 class="text--white">ZAP Marketplace</h1>
ZAP Dev Team
</td>
<td align="center">
2024-09-24
2024-12-23
</td>
</tr>

Expand Down Expand Up @@ -3174,7 +3174,7 @@ <h1 class="text--white">ZAP Marketplace</h1>
<a class="no-border" title="Repository" href="https://github.com/zaproxy/zap-extensions/" target="_blank" rel="noopener noreferrer"><img alt="Repository" src="/img/addons/source.png" /></a>


<a class="no-border" title="Download" href="https://github.com/zaproxy/zap-extensions/releases/download/retire-v0.42.0/retire-release-0.42.0.zap" target="_blank" rel="noopener noreferrer"><img alt="Download" src="/img/addons/download.png" /></a>
<a class="no-border" title="Download" href="https://github.com/zaproxy/zap-extensions/releases/download/retire-v0.43.0/retire-release-0.43.0.zap" target="_blank" rel="noopener noreferrer"><img alt="Download" src="/img/addons/download.png" /></a>



Expand All @@ -3187,7 +3187,7 @@ <h1 class="text--white">ZAP Marketplace</h1>
retire
</td>
<td align="center">
0.42.0
0.43.0
</td>
<td >
release
Expand All @@ -3196,7 +3196,7 @@ <h1 class="text--white">ZAP Marketplace</h1>
Nikita Mundhada and the ZAP Dev Team
</td>
<td align="center">
2024-11-25
2024-12-23
</td>
</tr>

Expand Down Expand Up @@ -3415,7 +3415,7 @@ <h1 class="text--white">ZAP Marketplace</h1>
<a class="no-border" title="Repository" href="https://github.com/zaproxy/zap-extensions/" target="_blank" rel="noopener noreferrer"><img alt="Repository" src="/img/addons/source.png" /></a>


<a class="no-border" title="Download" href="https://github.com/zaproxy/zap-extensions/releases/download/selenium-v15.30.0/selenium-release-15.30.0.zap" target="_blank" rel="noopener noreferrer"><img alt="Download" src="/img/addons/download.png" /></a>
<a class="no-border" title="Download" href="https://github.com/zaproxy/zap-extensions/releases/download/selenium-v15.31.0/selenium-release-15.31.0.zap" target="_blank" rel="noopener noreferrer"><img alt="Download" src="/img/addons/download.png" /></a>



Expand All @@ -3428,7 +3428,7 @@ <h1 class="text--white">ZAP Marketplace</h1>
selenium
</td>
<td align="center">
15.30.0
15.31.0
</td>
<td >
release
Expand All @@ -3437,7 +3437,7 @@ <h1 class="text--white">ZAP Marketplace</h1>
ZAP Dev Team
</td>
<td align="center">
2024-09-24
2024-12-23
</td>
</tr>

Expand Down
16 changes: 12 additions & 4 deletions docs/desktop/addons/dom-xss-active-scan-rule/index.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1761,13 +1761,14 @@

<h1 id="dom-xss-active-scan-rule">DOM XSS Active Scan Rule</h1>
<p>An Active Scan rule for detecting DOM XSS vulnerabilities.</p>
<p>It launches browser windows and sends attack payloads to all of the relevant DOM elements.<br>
As it launches browser windows it will take significantly longer than other (non browser based) rules.</p>
<p>It launches browser windows and sends attack payloads to all of the relevant DOM elements.</p>
<p>As it launches browser windows it will take significantly longer than other (non browser based) rules.</p>
<p>This version supports Firefox (the default) and Chrome. They can be run with GUI or headless (default), it can be changed with
the rule <code>rules.domxss.browserid</code>, via the Options &lsquo;Rule configuration&rsquo; panel, with values
<code>firefox</code>, <code>firefox-headless</code>, <code>chrome</code> and <code>chrome-headless</code>.</p>
<p>The following Attack Strengths are supported, and related directly to the number of attack payloads used
for URL fragment and form input field injections (eg: <code>http://example.com/index.html?foo=bar#injection</code>):</p>

<h3 id="strengths-and-thresholds">Strengths and Thresholds <a class="header-link" href="#strengths-and-thresholds"><svg class="fill-current o-60 hover-accent-color-light" height="22px" viewBox="0 0 24 24" width="22px" xmlns="http://www.w3.org/2000/svg"><path d="M0 0h24v24H0z" fill="none"/><path d="M3.9 12c0-1.71 1.39-3.1 3.1-3.1h4V7H7c-2.76 0-5 2.24-5 5s2.24 5 5 5h4v-1.9H7c-1.71 0-3.1-1.39-3.1-3.1zM8 13h8v-2H8v2zm9-6h-4v1.9h4c1.71 0 3.1 1.39 3.1 3.1s-1.39 3.1-3.1 3.1h-4V17h4c2.76 0 5-2.24 5-5s-2.24-5-5-5z" fill="currentColor"/></svg></a></h3>
<p>The following Attack Strengths are supported, and related directly to the number of attack payloads used for URL fragment and form input field injections (eg: <code>http://example.com/index.html?foo=bar#injection</code>):</p>
<ul>
<li>LOW: 1 attack payloads</li>
<li>MEDIUM: 3 attack payloads</li>
Expand All @@ -1777,6 +1778,13 @@ <h1 id="dom-xss-active-scan-rule">DOM XSS Active Scan Rule</h1>
<p>The scanner will also attempt URL/query parameter injections which are not impacted by the selected strength.</p>
<p>The rule will only report one DOM XSS vulnerability per node, unless the LOW Alert threshold
is used, in which case it will keep trying all of the specified payloads.</p>

<h3 id="exclusions">Exclusions <a class="header-link" href="#exclusions"><svg class="fill-current o-60 hover-accent-color-light" height="22px" viewBox="0 0 24 24" width="22px" xmlns="http://www.w3.org/2000/svg"><path d="M0 0h24v24H0z" fill="none"/><path d="M3.9 12c0-1.71 1.39-3.1 3.1-3.1h4V7H7c-2.76 0-5 2.24-5 5s2.24 5 5 5h4v-1.9H7c-1.71 0-3.1-1.39-3.1-3.1zM8 13h8v-2H8v2zm9-6h-4v1.9h4c1.71 0 3.1 1.39 3.1 3.1s-1.39 3.1-3.1 3.1h-4V17h4c2.76 0 5-2.24 5-5s-2.24-5-5-5z" fill="currentColor"/></svg></a></h3>
<p>The rule will block the browser it launches from accessing any URLs that are excluded by:</p>
<ul>
<li>Global Exclusions</li>
<li>Context Exclusions, if invoked with the relevant context</li>
</ul>
<p>Latest code: <a href="https://github.com/zaproxy/zap-extensions/blob/main/addOns/domxss/src/main/java/org/zaproxy/zap/extension/domxss/DomXssScanRule.java">DomXssScanRule.java</a></p>

</div>
Expand Down
4 changes: 2 additions & 2 deletions docs/desktop/addons/network/options/localservers/index.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1803,8 +1803,8 @@ <h4 id="behind-nat">Behind NAT <a class="header-link" href="#behind-nat"><svg cl
<p><strong>Note:</strong> This option is only supported when ZAP is running in an AWS EC2 instance.
ZAP will obtain the public IP address from
<a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-instance-addressing.html#working-with-ip-addresses">AWS EC2
instance&rsquo;s metadata</a>.<br>
ZAP should be started with this option enabled if access to the API, through the public IP address, is required:</p>
instance&rsquo;s metadata</a>.</p>
<p>ZAP should be started with this option enabled if access to the API, through the public IP address, is required:</p>
<blockquote>
<p>zap.sh -daemon -port 8080 -host 0.0.0.0 -config network.localServers.mainProxy.behindNat=true</p>
</blockquote>
Expand Down
24 changes: 12 additions & 12 deletions docs/desktop/addons/network/options/servercertificates/index.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1812,9 +1812,9 @@ <h3 id="generate">Generate <a class="header-link" href="#generate"><svg class="f
or HTTP client application. See section <a href="#install">installation</a>
for more details.</p>
<p>The generated Root CA certificate is valid, by default, for one year. After that period you have
to create a new one.<br>
Every generated Root CA certificate is 2048 bit strong (RSA with SHA1).<br>
Every generated Root CA certificate starts with serial number &ldquo;1&rdquo;.
to create a new one.</p>
<p>Every generated Root CA certificate is 2048 bit strong (RSA with SHA1).</p>
<p>Every generated Root CA certificate starts with serial number &ldquo;1&rdquo;.
Every generated Root CA certificate consists of the following identifiers:</p>
<p><code> CN = Zed Attack Proxy Root CA</code><br>
<code> L = 87b77fe834b0a301</code><br>
Expand All @@ -1830,8 +1830,8 @@ <h3 id="generate">Generate <a class="header-link" href="#generate"><svg class="f
<h3 id="import">Import <a class="header-link" href="#import"><svg class="fill-current o-60 hover-accent-color-light" height="22px" viewBox="0 0 24 24" width="22px" xmlns="http://www.w3.org/2000/svg"><path d="M0 0h24v24H0z" fill="none"/><path d="M3.9 12c0-1.71 1.39-3.1 3.1-3.1h4V7H7c-2.76 0-5 2.24-5 5s2.24 5 5 5h4v-1.9H7c-1.71 0-3.1-1.39-3.1-3.1zM8 13h8v-2H8v2zm9-6h-4v1.9h4c1.71 0 3.1 1.39 3.1 3.1s-1.39 3.1-3.1 3.1h-4V17h4c2.76 0 5-2.24 5-5s-2.24-5-5-5z" fill="currentColor"/></svg></a></h3>
<p>When you&rsquo;re using multiple ZAP installation and you want to use the same
Root CA certificate, so you can import it. Simply use one installation of ZAP
to generate one Root CA certificate.<br>
Copy the file &lsquo;config.xml&rsquo; from ZAP&rsquo;s home directory to
to generate one Root CA certificate.</p>
<p>Copy the file &lsquo;config.xml&rsquo; from ZAP&rsquo;s home directory to
the PC, where you want to use the same certificate and press &lsquo;import&rsquo; to import it.</p>
<p>Alternatively you can use the <a href="/docs/desktop/addons/network/cmdline/">command line</a> options:</p>
<ul>
Expand Down Expand Up @@ -1873,8 +1873,8 @@ <h3 id="import">Import <a class="header-link" href="#import"><svg class="fill-cu
<code> j48o5+RLKvqrpxNlMeS5AkEA6qIdW/yp5N8b1j2OxYZ9u5O//BvspwRITGM60Cps</code><br>
<code>yemZE/ua8wm34SKvDHf5uxcmofShW17PLICrsLJ7P35y/A==</code><br>
<code> -----END PRIVATE KEY-----</code><br>
<code> </code><br>
And yes, that example will work - it&rsquo;s the Superfish certificate!</p>
<code> </code></p>
<p>And yes, that example will work - it&rsquo;s the Superfish certificate!</p>

<h3 id="view">View <a class="header-link" href="#view"><svg class="fill-current o-60 hover-accent-color-light" height="22px" viewBox="0 0 24 24" width="22px" xmlns="http://www.w3.org/2000/svg"><path d="M0 0h24v24H0z" fill="none"/><path d="M3.9 12c0-1.71 1.39-3.1 3.1-3.1h4V7H7c-2.76 0-5 2.24-5 5s2.24 5 5 5h4v-1.9H7c-1.71 0-3.1-1.39-3.1-3.1zM8 13h8v-2H8v2zm9-6h-4v1.9h4c1.71 0 3.1 1.39 3.1 3.1s-1.39 3.1-3.1 3.1h-4V17h4c2.76 0 5-2.24 5-5s-2.24-5-5-5z" fill="currentColor"/></svg></a></h3>
<p>In the options dialog of ZAP you&rsquo;re seeing the certificate in PEM format.
Expand All @@ -1895,9 +1895,9 @@ <h2 id="issued_certificates">Issued Certificates <a class="header-link" href="#i
When running, there will be sub-certificated created, each time an HTTPS
resource is requested.
That means, the Root CA certificate is used as an issuer.</p>
<p>The issued certificates are valid, by default, for 368 days.<br>
The issued certificates is 2048 bit strong (RSA with SHA1).<br>
The issued certificates has a random serial number.
<p>The issued certificates are valid, by default, for 368 days.</p>
<p>The issued certificates is 2048 bit strong (RSA with SHA1).</p>
<p>The issued certificates has a random serial number.
The issued certificates consists of the following identifiers:</p>
<p><code> CN = www.example.com</code><br>
<code> E = [email protected]</code><br>
Expand Down Expand Up @@ -1981,8 +1981,8 @@ <h3 id="mozilla-firefox">Mozilla Firefox <a class="header-link" href="#mozilla-f
</ol>

<h2 id="risks">Risks <a class="header-link" href="#risks"><svg class="fill-current o-60 hover-accent-color-light" height="22px" viewBox="0 0 24 24" width="22px" xmlns="http://www.w3.org/2000/svg"><path d="M0 0h24v24H0z" fill="none"/><path d="M3.9 12c0-1.71 1.39-3.1 3.1-3.1h4V7H7c-2.76 0-5 2.24-5 5s2.24 5 5 5h4v-1.9H7c-1.71 0-3.1-1.39-3.1-3.1zM8 13h8v-2H8v2zm9-6h-4v1.9h4c1.71 0 3.1 1.39 3.1 3.1s-1.39 3.1-3.1 3.1h-4V17h4c2.76 0 5-2.24 5-5s-2.24-5-5-5z" fill="currentColor"/></svg></a></h2>
<p><strong>Attention, there are risks!</strong><br>
When adding self generated Root CA certificates to your list of trusted
<p><strong>Attention, there are risks!</strong></p>
<p>When adding self generated Root CA certificates to your list of trusted
root certificates, everyone with the root certificate can smuggle data
into your system (browser).
In other words when you&rsquo;re not testing in a safe environment, but on
Expand Down
6 changes: 6 additions & 0 deletions docs/desktop/addons/selenium/api/index.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1812,6 +1812,12 @@ <h2 id="api-actionsviews">API actions/views <a class="header-link" href="#api-ac
<td>browser* argument* enabled</td>
<td>Adds a browser argument.</td>
</tr>
<tr>
<td>launchBrowser</td>
<td>action</td>
<td>browser*</td>
<td>Launches a browser proxying through ZAP, for manual usage.</td>
</tr>
<tr>
<td>removeBrowserArgument</td>
<td>action</td>
Expand Down
Loading

0 comments on commit 3185f7c

Please sign in to comment.