Kyle
Kyle
An extra space is causing an invalid target in every scan result. **Details to reproduce:** Run a scan such as the code below: ``` const opts = { range: ['scanme.nmap.org']...
An extra space is causing an invalid target in every scan result. This fix is to remove the extra space from the args passed to nmap. **Details to reproduce:** Run...
### Is your feature request related to a problem? Please describe. I've been working through false positives from the time-based blind injection tests, starting with the Command Injection Rule (https://github.com/zaproxy/zap-extensions/blob/main/addOns/ascanrules/src/main/java/org/zaproxy/zap/extension/ascanrules/CommandInjectionScanRule.java)...
## 🐛 Bug Report If any command times out during playback, an exception is thrown from the setTimeout block here - https://github.com/SeleniumHQ/selenium-ide/blob/de35a8d12f362f5596ab962e11c5b09685a2eeb7/packages/side-runtime/src/playback-tree/command-node.ts#L150-L154 ## To Reproduce Steps to reproduce the behavior:...
### Describe the bug The SQL Injection active scan rule is susceptible to alerting when an application responds with a 429 response code while under load from the scanner. The...
### Describe the bug I'm seeing false positives for check 4 of the sql injection ascan rule against Wordpress websites - https://github.com/zaproxy/zap-extensions/blob/e694707dd775840a1a1b062b47d1934d05ae8593/addOns/ascanrules/src/main/java/org/zaproxy/zap/extension/ascanrules/SqlInjectionScanRule.java#L800 The behavior of the target websites that triggers...
## Overview Briefly describe the purpose, goals, and changes or improvements made in this pull request. ## Related Issues Specify any related issues or pull requests by linking to them....
## Overview Fixes sql injection false positives https://github.com/zaproxy/zaproxy/issues/8652 and https://github.com/zaproxy/zaproxy/issues/8653. The short summary is that the current response comparison logic just checks if the response bodies are the same or...
### Is there an existing issue for this? - [x] I have searched the existing issues. ### Current Behavior Recently nuclei scans launched with the `-dut` (-disable-unsigned-templates) flag started seeing...