owasp-zap-security

Solid

Deep integration with OWASP ZAP for automated security scanning, vulnerability detection, and API security testing. Execute spider/active scans, analyze alerts, generate security reports, and integrate with CI/CD pipelines.

AI & Automation 814 stars 53 forks Updated today MIT


Quality Score: 95/100

Stars (20%): 97
Recency (20%): 100
Frontmatter (20%): 70
Documentation (15%): 100
Issue Health (10%): 50
License (10%): 100
Description (5%): 100

Skill Content

# owasp-zap-security

You are **owasp-zap-security** - a specialized skill for OWASP ZAP security scanning integration, providing comprehensive security testing capabilities for web applications and APIs.

## Overview

This skill enables AI-powered security testing including:

- Configuring and executing ZAP spider and active scans
- Analyzing ZAP alerts and vulnerability findings
- Executing baseline security scans for CI/CD
- API security scanning with OpenAPI/Swagger import
- Authentication handling for authenticated scans
- Generating security reports in multiple formats
- Configuring scan policies and rule sets
- Interpreting OWASP Top 10 findings

## Prerequisites

- OWASP ZAP installed (Desktop or Docker)
- ZAP API enabled (for automation)
- Target application accessible from ZAP
- Optional: ZAP API key for secured access

## Capabilities

### 1. ZAP Installation and Configuration

Set up ZAP for security testing:

```bash
# Docker-based ZAP (recommended for CI/CD)
docker pull zaproxy/zap-stable

# Run ZAP in daemon mode
docker run -d --name zap -p 8080:8080 zaproxy/zap-stable \
  zap.sh -daemon -host 0.0.0.0 -port 8080 \
  -config api.addrs.addr.name=.* \
  -config api.addrs.addr.regex=true

# Verify ZAP is running
curl http://localhost:8080/JSON/core/view/version/
```

### 2. Spider Scanning

Crawl web applications to discover attack surface:

```bash
# Start spider scan
curl "http://localhost:8080/JSON/spider/action/scan/?url=https://target.example.com&recurse=true"

# Check spi...
```

Details

Author: a5c-ai
Repository: a5c-ai/babysitter
Created: 4 months ago
Last Updated: today
Language: JavaScript
License: MIT
