HelpReleases2_4_2
The following changes were made in this release:
- Issue 1306 : Java PermSize command line flag removed in Java 8
- Issue 1593 : Auto-scroll in Spider tab
- Issue 1600 : Dont report X-Frame-Options alert on 403 and 404 pages
- Issue 1654 : httpSessions/createEmptySession should initialize a site that was not previously visited
- Issue 1702 : Add "recurse" option to the spider API
- Issue 1715 : Unable to pass arguments when launching ZAP from the command line on Mac OS X
- Issue 1766 : Remove context via the API
- Issue 1768 : Update to use a more recent user-agent
- Issue 1778 : Passive scan AJAX spider requests
- Issue 1790 : Move Buffer Overflow Scanner from Beta to Release
- Issue 1793 : Allow active scan scripts to check if the scan was stopped
- Issue 1795 : Allow JVM options to be configured via GUI
- Issue 1799 : Minor Feature Request: Allow URL to be pasted into start Spider dialog.
- Issue 1802 : Minor Enhancement: Change active Pause Button to a Play button
- Issue 1849 : Option to merge related issues in reports
- Issue 1857 : Libraries that were updated
- Issue 1865 : Increase maximum db size
- Issue 1760 : Unable to initialize home directory! xml/config.xml (No such file or directory)
- Issue 1763 : Automatic check for updates fails to report new versions
- Issue 1770 : Exceptions when calling (some) context API actions in daemon mode
- Issue 1771 : For OSX the zap.sh in the core download hard-codes the relative java location
- Issue 1772 : On OS X, Found Java version lies
- Issue 1777 : "Cannot locate configuration source null.policy" after opening "Active Scan" dialogue
- Issue 1781 : ZAP errors with "Unsupported option '-psn_x_xxxxxxx'" on OS X
- Issue 1784 : NullPointerException when active scanning through the API with a target without scheme
- Issue 1785 : Plugin enabled even if dependencies are not, "hangs" active scan
- Issue 1787 : Context not used by the Spider even if selected
- Issue 1788 : Scan Progress Pane Needs Sorting Change
- Issue 1789 : Forced Browse/AJAX Spider messages not restored to Sites tab
- Issue 1792 : Report not generated in daemon mode
- Issue 1798 : Stop Attack Feature Locks up ZAP?
- Issue 1804 : Disable processing of XML external entities by default
- Issue 1805 : ZAP API might not return the response in requested format on errors
- Issue 1858 : Spider might report wrong progress after finishing
- Issue 1872 : EDT accessed in daemon mode
| Introduction | the introduction to ZAP | |
| Releases | the full set of releases | |
| Credits | the people and groups who have made this release possible |
-
ZAP User Guide
- Introduction
-
Getting Started
- Configuring proxies
-
Features
- Active Scan
- Add-ons
- Alerts
- Anti CSRF Tokens
- API
- Authentication
- Break Points
- Callbacks
- Contexts
- Data Driven Content
- Filters
- Globally Excluded URLs
- HTTP Sessions
- Man-in-the-middle Proxy
- Modes
- Notes
- Passive Scan
- Scan Policies
- Scope
- Session Management
- Spider
- Statistics
- Structural Modifiers
- Structural Parameters
- Tags
- Users
- Scanner Rules
- A Simple Penetration Test
-
The User Interface
- Overview
- The Top Level Menu
- The Top Level Toolbar
- The Tabs
-
The Dialogs
- Active Scan
- Add Alert
- Add Break Point
- Add Note
- Encode/Decode/Hash
- Filter
- Find
- History Filter
- Manual Request Editor
- Manage Add-ons
- Manage Tags
-
Options
- Active Scan
- Active Scan Input Vectors
- Alerts
- Anti CSRF Tokens
- API
- Breakpoints
- Callback Address
- Certificate
- Check for Updates
- Connection
- Database
- Display
- Dynamic SSL Certificates
- Extensions
- Global Exclude URL
- HTTP Sessions
- JVM
- Keyboard
- Language
- Local Proxies
- Passive Scan Rules
- Passive Scan Tags
- Passive Scanner
- Rule Configuration
- Scripts
- Search
- Spider
- Statistics
- Persist Session
- Resend
- Scan Policy Manager
- Scan Progress
- Session
- Spider
- The Footer
- Command Line
- Add Ons
- Releases
- Paros Proxy
- Credits
