Zap-Scripts – Zed Attack Proxy Scripts For Finding CVEs And Secrets
Zed Attack Proxy Scripts for finding CVEs and Secrets.
This project uses Gradle to build the ZAP add-on, simply run:
in the main directory of the project, the add-on will be placed in the directory
The easiest way to use this repo in ZAP is to add the directory to the scripts directory in ZAP (under Options -> Scripts).
however, you can also build the add on and install it (under File -> Load Addon File…).
This software is distributed under the MIT License.
The scripts under the
activedirectory are mostly ported from the amazing nuclei-templates repository, so huge shoutout to projectdiscovery and the community.
secret-finder.jsuses regex patterns from the awesome gitleaks project.
takeover-finder.jsuses patterns from the awesome nuclei-templates repository.
THIS SOFTWARE IS PROVIDED FOR EDUCATIONAL USE ONLY! IF YOU ENGAGE IN ANY ILLEGAL ACTIVITY THE AUTHOR DOES NOT TAKE ANY RESPONSIBILITY FOR IT. BY USING THIS SOFTWARE YOU AGREE WITH THESE TERMS.
Please, send us pull requests!