/authors/akshath/ Recent content in Akshath on ZAP Hugo en-us Fri, 06 Feb 2026 00:00:00 +0000 /blog/2026-02-06-detecting-graphql-cycles/ Fri, 06 Feb 2026 00:00:00 +0000 /blog/2026-02-06-detecting-graphql-cycles/ ZAP can now detect cycles in GraphQL schemas that could lead to denial of service attacks. /blog/2025-09-03-configuring-scan-policies-with-alert-tags/ Wed, 03 Sep 2025 00:00:00 +0000 /blog/2025-09-03-configuring-scan-policies-with-alert-tags/ A new feature in ZAP&rsquo;s automation framework allows you to configure scan policies using alert tags, making it easier to target specific types of vulnerabilities without manually managing individual scan rules. /blog/2025-05-05-zap-updates-april-2025/ Mon, 05 May 2025 00:00:00 +0000 /blog/2025-05-05-zap-updates-april-2025/ April 2025 updates and ongoing feature development statuses. /blog/2025-02-04-zap-updates-january-2025/ Tue, 04 Feb 2025 00:00:00 +0000 /blog/2025-02-04-zap-updates-january-2025/ Starting 2025 with a full release, a new way to crawl modern web apps, and better authentication capabilities. /blog/2024-11-01-zap-updates-october-2024/ Fri, 01 Nov 2024 00:00:00 +0000 /blog/2024-11-01-zap-updates-october-2024/ ZAP Updates are back after a small break. Read about the updates from October, including an upgrade to Java 17, scanning of sequenced requests, a potential LLM integration, and more. /blog/2024-07-17-script-scan-rules/ Wed, 17 Jul 2024 00:00:00 +0000 /blog/2024-07-17-script-scan-rules/ ZAP scripts can now do everything that scan rules can. /blog/2023-11-02-zap-updates-october-2023/ Thu, 02 Nov 2023 00:00:00 +0000 /blog/2023-11-02-zap-updates-october-2023/ A new ZAP version, a CLI feature to do quick reconnaissance, and more! /blog/2023-07-05-zap-updates-june-2023/ Wed, 05 Jul 2023 00:00:00 +0000 /blog/2023-07-05-zap-updates-june-2023/ June 2023 updates and ongoing feature development statuses. /blog/2023-06-13-ghcr-docker-images/ Tue, 13 Jun 2023 00:00:00 +0000 /blog/2023-06-13-ghcr-docker-images/ ZAP Docker images are now also published to the GitHub Container Registry. /blog/2023-06-01-zap-updates-may-2023/ Thu, 01 Jun 2023 00:00:00 +0000 /blog/2023-06-01-zap-updates-may-2023/ May 2023 updates and ongoing feature development statuses. /blog/2023-04-03-zap-updates-march-2023/ Mon, 03 Apr 2023 00:00:00 +0000 /blog/2023-04-03-zap-updates-march-2023/ March 2023 updates and ongoing feature development statuses. /blog/2022-09-13-zap-extender-scripts/ Tue, 13 Sep 2022 00:00:00 +0000 /blog/2022-09-13-zap-extender-scripts/ An overview of ZAP Extender scripts with examples. Use ZAP as a web server, subscribe to internal ZAP events, and more! /blog/2021-12-14-log4shell-detection-with-zap/ Tue, 14 Dec 2021 00:00:00 +0000 /blog/2021-12-14-log4shell-detection-with-zap/ A walkthrough of using the new Log4Shell Alpha Active Scan rule with the ZAP Automation Framework. /blog/2021-08-23-oast-with-owasp-zap/ Mon, 23 Aug 2021 00:00:00 +0000 /blog/2021-08-23-oast-with-owasp-zap/ An overview of the features of the OAST add-on for OWASP ZAP. This add-on allows you to discover out-of-band vulnerabilities like SSRF. /blog/2020-08-28-introducing-the-graphql-add-on-for-zap/ Fri, 28 Aug 2020 00:00:00 +0000 /blog/2020-08-28-introducing-the-graphql-add-on-for-zap/ <p>GraphQL Schemas can be very large and testing them can be a very time-consuming process. Currently, there is a lack of tools that allow developers to launch and automate attacks on these endpoints. The GraphQL add-on for ZAP intends to fill this gap.</p> <p>The add-on is still in an early stage, so the range of its functionality is limited. However, you can combine it with existing ZAP functionality to abuse GraphQL endpoints in many different ways.</p>