Tag: Client-Spider

Use the Client Spider for Modern Web Apps

Posted 1437 Words
We now recommend the Client Spider over the AJAX Spider for crawling modern web applications. It finds more endpoints, scales much better vs large apps, and unlocks PTK’s passive coverage for free.

Automating OWASP PTK with ZAP (Phase 2)

Posted 888 Words
ZAP now has a dedicated PTK active scan rule, so you can run the PTK rules in the ZAP active scanner. And there are still more changes planned, but the results against Firing Range have been dramatic!

Automating OWASP PTK with ZAP (Phase 1)

Posted 1258 Words
ZAP’s Automation Framework can now drive OWASP PTK scans using the Client Spider. This is an early release - we want you to try it and give us feedback while we work toward deeper integration with ZAP’s active and passive scan engines.