Release 1.2.0

本リリースでは以下のような変更が行われました。

Significant changes:

Memory Leaks

Memory leaks have been fixed in the 動的スキャナ and spider.

Invoke applications

External applications can now be invoked from the Sites and History tabs.

Passive Scanner

The passive scanner now looks for vulnerabilities, such as:
    Autocomplete forms with password fields
    Cookies without the 'HttpOnly' flag
    SSL Cookies without the 'secure' flag
    Weak authentication

小変更:

XML Reports

A new 'Generate XML Report...' menu item is now included in the top level Reports menu.

Manual Request Editor and Resend dialogs

Requests submitted by the 手動リクエスト and 再送信 dialogs are now shown in the サイト and 履歴 tabs.
A new 'Method' pull down allows you to switch between the HTTP methods, this automatically moves parameters between the URL and the body when a POST method is selected or deselected.

Alerts UI

The サイト tab now shows any alerts as flags to the right of any node names.
The alert counts in the footer now show the number of different types of alerts rather than the total number of instances.

Active scanner delay option

The delay in milliseconds between each 動的スキャナ request can now be set via the Options Active Scan screen. This will increase the time an active scan takes but will reduce the load on the target.

UI Changes

The サイト tab now takes up all of the left hand side - this can be changed back via the Options Display screen if required.

The 'toolbar' on the リクエスト, レスポンス and ブレーク tabs and the 手動リクエスト and 再送信 dialogs is now at the top rather than the bottom.

The scanner counts in the footer are now displayed on the right hand side.

関連情報

     導入ZAPのご紹介
     リリースthe full set of releases
     Creditsthe people and groups who have made this release possible