ZAP 2.14.0 Released – What’s New!
ZAP is a free and open-source web application security scanner. It is designed to be used by experienced penetration testers as well as people who are new to application security.
It has gained Flagship status and has been one of the most active Open Web Application Security Project projects.
ZAP 2.14.0 is now available, along with support for Host Header Manipulation, ZAPit, API File Transfers, Graal JS Add-on Access, Postman collections, SBOMs, and more.
What’s New in ZAP 2.14.0?
In this updated version, ZAP now supports manipulating host headers. There is a new “Update Host Header” button available on the Break, Manual Request, and Requester dialogs. By default, this is enabled (to maintain backward compatibility).
A new -zapit command line option is also included in this version to perform a quick ‘reconnaissance’ scan of the provided URL.
API file transfers may now be used to upload and download files to and from ZAP. As a safety precaution, this feature is disabled by default.
Anyone running Java 15+ has had to rely on the Graal JS add-on for JavaScript support since Oracle removed the Nashorn JavaScript engine from Java 15.
Unfortunately, it could not access add-on classes owing to classloader issues; now that these issues have been fixed, Graal JS is the recommended JavaScript engine to use in ZAP.
For the ZAP core and any add-on the ZAP team maintains, ZAP provides a runtime Software Bill of Materials (SBOM) produced by CycloneDX.
The ZAP Browser Extensions sit beneath the new Client Side Integration add-on, which supports:
- Browser Recording
- Streaming client-side events to ZAP
The release also includes dependency updates. The following libraries were updated:
- Commons Lang, 3.12.0 → 3.13.0
- Flatlaf, 3.1.1 → 3.2.1
- RSyntaxTextArea, 3.3.3 → 3.3.4
The following library was added:
- Log4j JUL Adapter 2.20.0
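As an added example (not code from the ZAP project), a CycloneDX SBOM of the kind described above can be audited against the dependency versions this release lists. The SBOM content, the `audit_sbom` helper and the Maven artifact names are constructed assumptions; the page gives only library names and versions.

```python
import json
import re

# Constructed sample: a minimal CycloneDX JSON document. The Maven coordinates
# are assumptions; flatlaf is deliberately stale and log4j-jul is left out.
SAMPLE_SBOM = json.dumps({
    "bomFormat": "CycloneDX",
    "specVersion": "1.4",
    "components": [
        {"type": "library", "name": "commons-lang3", "version": "3.13.0",
         "purl": "pkg:maven/org.apache.commons/commons-lang3@3.13.0"},
        {"type": "library", "name": "flatlaf", "version": "3.1.1",
         "purl": "pkg:maven/com.formdev/flatlaf@3.1.1"},
        {"type": "library", "name": "rsyntaxtextarea", "version": "3.3.4",
         "purl": "pkg:maven/com.fifesoft/rsyntaxtextarea@3.3.4"},
    ],
})

# Versions listed in the release notes, keyed by assumed artifact name.
EXPECTED = {
    "commons-lang3": "3.13.0",
    "flatlaf": "3.2.1",
    "rsyntaxtextarea": "3.3.4",
    "log4j-jul": "2.20.0",
}

def parse_version(text):
    """Turn '3.13.0' into (3, 13, 0) so 3.13.0 sorts after 3.2.1.
    Any qualifier after '-' (e.g. '-SNAPSHOT') is ignored."""
    return tuple(int(n) for n in re.findall(r"\d+", text.split("-")[0]))

def audit_sbom(sbom_text, expected=EXPECTED):
    """Return {name: finding} for each expected library that is missing or older."""
    bom = json.loads(sbom_text)
    if bom.get("bomFormat") != "CycloneDX":
        raise ValueError("not a CycloneDX document")
    found = {c.get("name"): c.get("version", "") for c in bom.get("components", [])}
    findings = {}
    for name, wanted in expected.items():
        have = found.get(name)
        if have is None:
            findings[name] = "missing"
        elif parse_version(have) < parse_version(wanted):
            findings[name] = f"outdated: {have} < {wanted}"
    return findings

if __name__ == "__main__":
    for name, finding in audit_sbom(SAMPLE_SBOM).items():
        print(f"{name}: {finding}")
```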
New Add-Ons:
Postman, which lets you import Postman collections via the UI. Importing via the API and command line is in progress.
A full list of enhancements and fixes can be found here.
Source credit: cybersecuritynews.com