Be notified of new releases
Create your free GitHub account today to subscribe to this repository for new releases and build software alongside 40 million developers.Sign up
- Incremented to 1.1.4 and changed build to keep the value synced between pom.xml and ZapAddOn.xml.
- Removed casting when loading/referencing extensions by using class not NAME string.
- Added exception handling for when spider is selected but target is not available.
- Other minor maintenance changes.
- Added the Ability to detect multiple frameworks within the same project
- Added the ability to detect endpoints from multiple frameworks in the same project
- Upgraded Ham engine for better framework compatibility.
- Improved framework compatibility
- Quality of life improvements
- Added the Ability to import endpoints from an ASD CLI JSON output file
- Added the ability to double click an endpoint to view its details
- Added configuration Subtab
- Added a help tab to the Attack Surface Detector
- Redesigned the Results tab for better look and feel
- Removed Excess Logging statements
- Removed tools menu items
- Removed View Selected Button
- New File filters for source code selection to prevent erroneous formats.
- The Attack Surface Detector can now import endpoints from a .war file containing source code
- Adds new Attack Surface Detector icon to the ASD panel.
- Modified logging procedure to properly reflect OWASP Procedure
- Modified Endpoint Comparison to fix underlying NPE
- Options Dialog has be redesigned for a better user experience
- Updated Zap Version Compatibility to 2.7.0
- Spider method has been updated to utilize the API related to the new ZAP version
- Modified README to help users and contributors alike.
- Updates HAM engine version to fix compatibility issues
- Added the ability to import endpoints from a zip file
- Added the ability to import two different version of the same source code and compare them for changes.
- Comments inside requests now reflect if the endpoint was new/modified/unchanged
- Request highlight colors have now changed to cyan for unchanged, magenta for modified, and orange for new endpoints
- The Endpoint details view now highlights new endpoints as well as new/modified/deleted parameters.
Version 1.01 of the Attack Surface Detector adds better user documentation as well as updated maven dependencies. It also decreases bloat by removing legacy classes, and external packaging scripts.
- User guide
- Install guide
- ReadMe documentation
- Updates internal dependencies
- Removes legacy code
- Removes outdated packaging scripts
We're proud to release version 1.0
- Added an Attack Surface Detector tab to the status pane
- Added a table that lists all endpoints discovered from the source code analysis
- Added a dialog that lists the details of the selected endpoint.
- Added an options dialog that allows the user to configure the plugin prior to executing an import
- Requests are now made directly from the discovered endpoints.
- Removes the old target url dialog and source folder location dialog and combines them into one.