Project Blog

In the summer of 2021, I worked under the guidance of my mentors Simon, Rick and Ricardo to add Out-of-band Application Security Testing (OAST) Support to ZAP, the world's most widely used web app scanner. Since then, I have continued to work on enhancing the OAST add-on for ZAP. Read more about ZAP at

Follow @zaproxy on Twitter for latest ZAP updates.


Mar 8, 2022 ZAPCon 2022 Presentation Resources
Dec 14, 2021 Log4Shell Detection with ZAP
Aug 23, 2021 Out-of-band Application Security Testing with OWASP ZAP
Jul 11, 2021 ZAP OAST: Basic Design Decisions
Jun 25, 2021 Levelling Up ZAP with OAST