-
Notifications
You must be signed in to change notification settings - Fork 14
Home
matthewD-AVI edited this page May 14, 2018
·
11 revisions
This tool is the Attack Surface Detector, a plugin for OWASP ZAP. This tool figures out the endpoints of a web application, the parameters these endpoints accept, and the data type of those parameters. This includes the unlinked endpoints a spider won't find in client-side code, or optional parameters totally unused in client-side code. The plugin then imports this data into ZAP so you view the results, or work with the detected endpoints and parameters from the target site map.