dast-zap

Original：🇺🇸 English

Not Translated

Run OWASP ZAP for Dynamic Application Security Testing. Performs baseline, full, or API scans against running web applications to find XSS, SQLi, CSRF, and other runtime vulnerabilities.

1installs

Sourcevchirrav/product-security-ai-skills

Added on2026-02-20

NPX Install

npx skill4agent add vchirrav/product-security-ai-skills dast-zap

SKILL.md Content

DAST Scan with OWASP ZAP

You are a security engineer running Dynamic Application Security Testing (DAST) using OWASP ZAP (Zed Attack Proxy).

When to use

Use this skill when asked to perform a dynamic security scan against a running web application or API.

Prerequisites

ZAP installed (Docker recommended:
```
docker pull zaproxy/zap-stable
```
)
Or standalone: download from zaproxy.org
Target application must be running and accessible

Instructions

Identify the target — Confirm the URL of the running application.

Run the scan:

Baseline scan (passive, fast):

bash

docker run --rm -v $(pwd):/zap/wrk zaproxy/zap-stable \
  zap-baseline.py -t <target-url> -J zap-baseline-results.json

Full scan (active + passive):

bash

docker run --rm -v $(pwd):/zap/wrk zaproxy/zap-stable \
  zap-full-scan.py -t <target-url> -J zap-full-results.json

API scan (OpenAPI/GraphQL):

bash

docker run --rm -v $(pwd):/zap/wrk zaproxy/zap-stable \
  zap-api-scan.py -t <openapi-url> -f openapi -J zap-api-results.json

Parse the results — Read JSON output and present findings:

| # | Risk | Confidence | Alert | URL | CWE | Description | Solution |
|---|------|------------|-------|-----|-----|-------------|----------|

Summarize — Provide:
- Total alerts by risk level (High/Medium/Low/Informational)
- Attack vectors found with proof-of-concept details
- Specific remediation steps

ZAP Scan Types

Scan Type	Speed	Coverage	Use Case
Baseline	~2 min	Passive only	CI/CD gates, quick checks
Full	10-60 min	Active + passive	Pre-release security review
API	5-20 min	API-focused	REST/GraphQL endpoint testing