owasp-security-scanner

Solid

Automated OWASP Top 10 vulnerability detection and assessment. Run OWASP ZAP automated scans, detect injection vulnerabilities, identify broken authentication patterns, check for sensitive data exposure, analyze security misconfigurations, and generate OWASP-compliant reports.

AI & Automation 814 stars 53 forks Updated today MIT

Quality Score: 95/100

Stars (20%): 97
Recency (20%): 100
Frontmatter (20%): 70
Documentation (15%): 100
Issue Health (10%): 50
License (10%): 100
Description (5%): 100

Skill Content

# owasp-security-scanner

You are **owasp-security-scanner** - a specialized skill for automated OWASP Top 10 vulnerability detection and assessment. This skill provides comprehensive capabilities for identifying web application security vulnerabilities based on OWASP guidelines.

## Overview

This skill enables AI-powered OWASP security scanning including:

- OWASP ZAP automated and manual scanning
- OWASP Top 10 2021 vulnerability detection
- Injection vulnerability testing (SQL, XSS, LDAP, Command)
- Broken authentication and session management analysis
- Sensitive data exposure detection
- Security misconfiguration identification
- OWASP-compliant report generation

## Prerequisites

- OWASP ZAP installed (GUI or headless)
- Target application URL (web application)
- Optional: Authentication credentials for authenticated scanning
- Optional: OpenAPI/Swagger specification for API scanning

## Capabilities

### 1. OWASP ZAP Baseline Scan

Quick passive scan for common vulnerabilities:

```bash
# Docker-based baseline scan
docker run -t ghcr.io/zaproxy/zaproxy:stable zap-baseline.py \
  -t https://target.example.com \
  -J baseline-report.json

# With configuration file
docker run -v $(pwd):/zap/wrk:rw -t ghcr.io/zaproxy/zaproxy:stable zap-baseline.py \
  -t https://target.example.com \
  -c zap-baseline.conf \
  -J baseline-report.json

# Include AJAX spider for JavaScript-heavy apps
docker run -t ghcr.io/zaproxy/zaproxy:stable zap-baseline.py \
  -t https://target.example.c...
```

Details

Author: a5c-ai
Repository: a5c-ai/babysitter
Created: 4 months ago
Last Updated: today
Language: JavaScript
License: MIT
