/tags/owasp-ptk/ Recent content in Owasp-Ptk on ZAP Hugo en-us Wed, 06 May 2026 00:00:00 +0000 /blog/2026-05-06-automating-owasp-ptk-with-zap-phase-1/ Wed, 06 May 2026 00:00:00 +0000 /blog/2026-05-06-automating-owasp-ptk-with-zap-phase-1/ ZAP’s Automation Framework can now drive OWASP PTK scans using the Client Spider. This is an early release - we want you to try it and give us feedback while we work toward deeper integration with ZAP’s active and passive scan engines. /blog/2026-04-01-owasp-ptk-findings-to-zap-alerts/ Wed, 01 Apr 2026 00:00:00 +0000 /blog/2026-04-01-owasp-ptk-findings-to-zap-alerts/ OWASP PTK 9.8.0 and the ZAP OWASP PTK add-on 0.3.0 now let ZAP display OWASP PTK findings directly as ZAP Alerts. This post shows how to install the add-on, choose which PTK rules to run (SAST / IAST / DAST), optionally auto-start scans on browser launch, and then scan OWASP Juice Shop with all results visible in ZAP. /blog/2026-01-19-owasp-ptk-add-on/ Mon, 19 Jan 2026 00:00:00 +0000 /blog/2026-01-19-owasp-ptk-add-on/ OWASP PTK is now pre-installed in the browsers launched by ZAP (Chrome, Edge and Firefox). This post shows how to run PTK’s DAST, IAST, SAST, and SCA inside the same authenticated session you’re testing, plus practical JWT and cookie workflows—while ZAP remains your traffic and context hub.