Skip to content

Commit 6bba31a

Browse files
psiinonpsiinon
authored
Merge pull request #1763 from zapbot/update-site-content
Update site content
2 parents 1bcd11a + fe94ad2 commit 6bba31a

File tree

9 files changed

+1234
-0
lines changed

9 files changed

+1234
-0
lines changed

docs/index.html

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -243,6 +243,14 @@ <h5>In Depth Features</h5>
243243
</div>
244244
</div>
245245

246+
<div class="flex">
247+
<div class="circle-arrow mr-20">
248+
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 30 30" width="30px"><g data-name="Layer 2"><circle cx="15" cy="15" r="15" fill="#4389ff"/><path fill="none" stroke="#fff" stroke-linecap="round" stroke-linejoin="round" stroke-width="3" d="M12.72 8.64L19.07 15l-6.35 6.36"/></g></svg></div>
249+
<div>
250+
<p> <b><a href="/docs/testapps/"> ZAP Vs Test Apps</a></b> - how to configure ZAP to scan commonly used vulnerable applications </p>
251+
</div>
252+
</div>
253+
246254
</div>
247255

248256
<h5>Internal Details</h5>

docs/testapps/altoroj/index.html

Lines changed: 285 additions & 0 deletions
Large diffs are not rendered by default.

docs/testapps/ginnjuiceshop/index.html

Lines changed: 287 additions & 0 deletions
Large diffs are not rendered by default.

docs/testapps/index.html

Lines changed: 242 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,242 @@
1+
<!doctype html>
2+
<html lang="en">
3+
4+
<head>
5+
<meta charset="utf-8">
6+
<meta name="viewport" content="width=device-width, initial-scale=1, viewport-fit=cover">
7+
<meta name="description" content="The world’s most widely used web app scanner. Free and open source. ZAP is a community project actively maintained by a dedicated international team, and a GitHub Top 1000 project.">
8+
9+
<link rel="alternate" type="application/rss+xml" href="/docs/testapps/index.xml" title="ZAP" />
10+
<title>ZAP &ndash; ZAP Vs Test Apps</title>
11+
12+
<link rel="shortcut icon" href="/img/favicon.ico" type="image/x-icon" />
13+
<link href="https://fonts.googleapis.com/css?family=Quicksand:500,700" rel="stylesheet">
14+
<link href="https://fonts.googleapis.com/css?family=Istok+Web|Open+Sans:400,700|Rubik&display=swap" rel="stylesheet">
15+
<script src="https://cdnjs.cloudflare.com/ajax/libs/lunr.js/2.3.6/lunr.min.js"></script>
16+
17+
<script async src="https://www.googletagmanager.com/gtag/js?id=G-JDLGW1172L"></script>
18+
<script>
19+
window.dataLayer = window.dataLayer || [];
20+
function gtag(){dataLayer.push(arguments);}
21+
gtag('js', new Date());
22+
gtag('config', 'G-JDLGW1172L');
23+
</script>
24+
25+
26+
27+
<link href="/main.98e1bf.css" rel="stylesheet">
28+
29+
</head>
30+
<body>
31+
<div id="page-container">
32+
<div id="content-wrap">
33+
<header class="site-header">
34+
<div class="wrapper flex jc-sb ai-c">
35+
<div class="flex">
36+
<nav class="site-nav" role="navigation">
37+
<a href="/" aria-label="return to landing page" class="logo">
38+
<img src = "/img/zap-by-checkmarx.svg" height="65px" alt="ZAP By Checkmarx"/>
39+
</a>
40+
</nav>
41+
</div>
42+
<div class="nav-content flex">
43+
<nav class="site-nav" role="navigation">
44+
<div class="hamburger-icon">
45+
<svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24"><path d="M0 0h24v24H0z" fill="none"/><path d="M3 18h18v-2H3v2zm0-5h18v-2H3v2zm0-7v2h18V6H3z"/></svg>
46+
</div>
47+
<input class="hamburger-click" aria-label="site menu" type="checkbox" />
48+
<ul id="primary-menu" class="flex">
49+
50+
51+
52+
<li class="">
53+
<a href="/blog/" title="Blog page">
54+
Blog
55+
</a>
56+
</li>
57+
58+
59+
60+
<li class="">
61+
<a href="/videos/" title="Videos page">
62+
Videos
63+
</a>
64+
</li>
65+
66+
67+
68+
<li class="">
69+
<a href="/docs/" title="Documentation page">
70+
Documentation
71+
</a>
72+
</li>
73+
74+
75+
76+
<li class="">
77+
<a href="/community/" title="Community page">
78+
Community
79+
</a>
80+
</li>
81+
82+
83+
<li id="search-menu">
84+
<a class="toggler" href="#">
85+
<img height="20" width="20" src="/img/search.svg" alt="Search icon"/>
86+
</a>
87+
88+
<form data-no-csrf action="/search">
89+
<input type="text" name="q" placeholder="Search ..." style="width: 100%" />
90+
</form>
91+
</li>
92+
</ul>
93+
</nav>
94+
<div class="download-button">
95+
<a id="cta-download" href="/download/" class="button button--orange">Download</a>
96+
</div>
97+
<div class="social-links header-social">
98+
<ul class="flex ai-c no-list-style m-10 px-20">
99+
<li>
100+
<a href="https://github.com/zaproxy" aria-label="Go to ZAP's GitHub repo"> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 19.36 18.88"><path d="M9.68 0a9.68 9.68 0 0 0-3.06 18.86c.48.09.64-.21.64-.46v-1.8C4.57 17.18 4 15.45 4 15.45A2.57 2.57 0 0 0 2.93 14c-.88-.6.07-.59.07-.59a2 2 0 0 1 1.48 1 2.06 2.06 0 0 0 2.82.8A2 2 0 0 1 7.91 14c-2.15-.29-4.41-1.12-4.41-4.83a3.72 3.72 0 0 1 1-2.59A3.53 3.53 0 0 1 4.59 4s.82-.26 2.67 1a9 9 0 0 1 4.84 0c1.9-1.25 2.66-1 2.66-1a3.49 3.49 0 0 1 .1 2.57 3.71 3.71 0 0 1 1 2.59c0 3.72-2.26 4.54-4.42 4.78a2.3 2.3 0 0 1 .67 1.79v2.67c0 .25.15.56.64.46A9.68 9.68 0 0 0 9.68 0z" fill="#00549e"/></svg></a>
101+
</li>
102+
<li>
103+
<a href="https://twitter.com/zaproxy" aria-label="Follow ZAP on Twitter"> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 19.36 15.73"><path d="M19.36 1.86a8 8 0 0 1-2.28.63 3.94 3.94 0 0 0 1.74-2.2 7.53 7.53 0 0 1-2.52 1 4 4 0 0 0-6.77 3.59A11.29 11.29 0 0 1 1.35.73 4 4 0 0 0 2.58 6a3.91 3.91 0 0 1-1.8-.5A4 4 0 0 0 4 9.48a4 4 0 0 1-1.79.06 4 4 0 0 0 3.67 2.76A8 8 0 0 1 0 14a11.32 11.32 0 0 0 6.09 1.78A11.24 11.24 0 0 0 17.38 3.92a8.08 8.08 0 0 0 1.98-2.06z" fill="#00549e"/></svg></a>
104+
</li>
105+
</ul>
106+
</div>
107+
</div>
108+
109+
</div>
110+
</header>
111+
112+
113+
114+
<section class="bolt-header">
115+
<div class="wrapper py-20">
116+
<h1 class="text--white">ZAP Vs Test Apps</h1>
117+
</div>
118+
</section>
119+
120+
<section>
121+
<div class="wrapper py-70">
122+
123+
<ol class="breadcrumbs">
124+
125+
126+
<li>
127+
<a href='/docs/'>Documentation</a>
128+
</li>
129+
130+
<li>
131+
<a href='/docs/testapps/'>ZAP Vs Test Apps</a>
132+
</li>
133+
134+
135+
</ol>
136+
<p>These pages detail how to set up ZAP to scan a variety of test vulnerable web apps.</p>
137+
<p>ZAP is primarily designed to scan “real world” apps, but we understand why people like testing against deliberately vulnerable apps.</p>
138+
<p>Some of these apps act in &ldquo;unusual&rdquo; ways that are not often seen in real world app. Hence these pages &#x1f601;</p>
139+
140+
141+
<div>
142+
143+
<div class="flex">
144+
<div class="circle-arrow mr-20">
145+
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 30 30" width="30px"><g data-name="Layer 2"><circle cx="15" cy="15" r="15" fill="#4389ff"/><path fill="none" stroke="#fff" stroke-linecap="round" stroke-linejoin="round" stroke-width="3" d="M12.72 8.64L19.07 15l-6.35 6.36"/></g></svg></div>
146+
<div>
147+
148+
<p> <b><a href="altoroj/"> AltoroJ / Testfire</a></b> - a traditional app, infrequently updated </p>
149+
150+
</div>
151+
</div>
152+
153+
<div class="flex">
154+
<div class="circle-arrow mr-20">
155+
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 30 30" width="30px"><g data-name="Layer 2"><circle cx="15" cy="15" r="15" fill="#4389ff"/><path fill="none" stroke="#fff" stroke-linecap="round" stroke-linejoin="round" stroke-width="3" d="M12.72 8.64L19.07 15l-6.35 6.36"/></g></svg></div>
156+
<div>
157+
158+
<p> <b><a href="ginnjuiceshop/"> Gin &amp; Juice Shop</a></b> - a well maintained modern app </p>
159+
160+
</div>
161+
</div>
162+
163+
<div class="flex">
164+
<div class="circle-arrow mr-20">
165+
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 30 30" width="30px"><g data-name="Layer 2"><circle cx="15" cy="15" r="15" fill="#4389ff"/><path fill="none" stroke="#fff" stroke-linecap="round" stroke-linejoin="round" stroke-width="3" d="M12.72 8.64L19.07 15l-6.35 6.36"/></g></svg></div>
166+
<div>
167+
168+
<p> <b><a href="juiceshop/"> OWASP Juice Shop</a></b> - a well maintained modern app </p>
169+
170+
</div>
171+
</div>
172+
173+
</div>
174+
175+
176+
</div>
177+
</section>
178+
179+
180+
</div>
181+
<footer class="site-footer py-20 mt-20">
182+
<div class="wrapper flex jc-sb">
183+
<div class="flex ai-c">
184+
<div class="footer-logo"><svg xmlns="http://www.w3.org/2000/svg" width="55px" viewBox="0 0 77.58 77.61"><path d="M49.48 21.64a3.46 3.46 0 0 1 .44 3 3.38 3.38 0 0 1-2.16 2.14l-1.17.38 10.74 13.56a3.39 3.39 0 0 1-1.83 5.41l-2 .5L68 65A37.78 37.78 0 0 0 39.85 2c-1.34 0-2.66.07-4 .2zM23.33 48.26a3.4 3.4 0 0 1 .45-6.09L25 41.7l-13.81-10a3.4 3.4 0 0 1 .62-5.86l.2-.09-5.47-3.84a37.79 37.79 0 0 0 55.32 48.6z" fill="#fff"/><path d="M67.84 69.48L49 45.59a.55.55 0 0 1 .28-.87l5.55-1.36a.58.58 0 0 0 .23-.13.48.48 0 0 0 .09-.11.62.62 0 0 0 .08-.24.58.58 0 0 0 0-.26.54.54 0 0 0-.07-.13L42.29 26.37a.75.75 0 0 1-.07-.12.55.55 0 0 1 .31-.74l4.35-1.4a.54.54 0 0 0 .26-.83L30.92.22a.5.5 0 0 0-.61-.22L.32 13a.55.55 0 0 0-.1.94l16.72 11.88a.52.52 0 0 1 .22.49.45.45 0 0 1-.09.26.48.48 0 0 1-.09.11l-.13.08-3.93 1.72a.55.55 0 0 0-.29.31v.13a.59.59 0 0 0 .22.5l8.62 6.22 8.61 6.21a.55.55 0 0 1 0 .87.57.57 0 0 1-.13.08l-5.11 2a.55.55 0 0 0-.28.75.56.56 0 0 0 .21.22l42.43 24.5a.53.53 0 0 0 .64-.79z" fill="#fff"/></svg></div>
185+
<div class="footer-left">
186+
<nav class="footer-nav">
187+
<ul class="flex">
188+
189+
190+
191+
<li class="ml-10"><a href="/blog/" title="Blog page">Blog</a></li>
192+
193+
194+
195+
<li class="ml-10"><a href="/videos/" title="Videos page">Videos</a></li>
196+
197+
198+
199+
<li class="ml-10"><a href="/community/" title="Community page">Community</a></li>
200+
201+
202+
203+
<li class="ml-10"><a href="/docs/statistics/" title="Statistics page">Statistics</a></li>
204+
205+
206+
</ul>
207+
</nav>
208+
209+
210+
211+
212+
<div class="ml-10">
213+
<a href="https://github.com/zaproxy/zaproxy-website/blob/main/site/content/docs/testapps/_index.md">Edit on GitHub</a>
214+
</div>
215+
216+
</div>
217+
</div>
218+
219+
<div class="flex ai-c">
220+
<span class="OutroFooter">
221+
© Copyright 2025 the ZAP Dev Team</br>
222+
ZAP by <a href="https://checkmarx.com" aria-label="Checkmarx">Checkmarx</a>
223+
</span>
224+
<ul class="flex footer-social">
225+
<li>
226+
<a href="https://github.com/zaproxy/" aria-label="Go to ZAP's GitHub repo"> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 19.36 18.88"><path d="M9.68 0a9.68 9.68 0 0 0-3.06 18.86c.48.09.64-.21.64-.46v-1.8C4.57 17.18 4 15.45 4 15.45A2.57 2.57 0 0 0 2.93 14c-.88-.6.07-.59.07-.59a2 2 0 0 1 1.48 1 2.06 2.06 0 0 0 2.82.8A2 2 0 0 1 7.91 14c-2.15-.29-4.41-1.12-4.41-4.83a3.72 3.72 0 0 1 1-2.59A3.53 3.53 0 0 1 4.59 4s.82-.26 2.67 1a9 9 0 0 1 4.84 0c1.9-1.25 2.66-1 2.66-1a3.49 3.49 0 0 1 .1 2.57 3.71 3.71 0 0 1 1 2.59c0 3.72-2.26 4.54-4.42 4.78a2.3 2.3 0 0 1 .67 1.79v2.67c0 .25.15.56.64.46A9.68 9.68 0 0 0 9.68 0z" fill="#00549e"/></svg></a>
227+
</li>
228+
<li>
229+
<a href="https://twitter.com/zaproxy" aria-label="Follow ZAP on Twitter"> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 19.36 15.73"><path d="M19.36 1.86a8 8 0 0 1-2.28.63 3.94 3.94 0 0 0 1.74-2.2 7.53 7.53 0 0 1-2.52 1 4 4 0 0 0-6.77 3.59A11.29 11.29 0 0 1 1.35.73 4 4 0 0 0 2.58 6a3.91 3.91 0 0 1-1.8-.5A4 4 0 0 0 4 9.48a4 4 0 0 1-1.79.06 4 4 0 0 0 3.67 2.76A8 8 0 0 1 0 14a11.32 11.32 0 0 0 6.09 1.78A11.24 11.24 0 0 0 17.38 3.92a8.08 8.08 0 0 0 1.98-2.06z" fill="#00549e"/></svg></a>
230+
</li>
231+
</ul>
232+
</div>
233+
</div>
234+
</footer>
235+
236+
237+
238+
<script src="/main.aa09f7.js"></script>
239+
240+
</div>
241+
</body>
242+
</html>

docs/testapps/index.xml

Lines changed: 32 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,32 @@
1+
<?xml version="1.0" encoding="utf-8" standalone="yes"?>
2+
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom">
3+
<channel>
4+
<title>ZAP Vs Test Apps on ZAP</title>
5+
<link>/docs/testapps/</link>
6+
<description>Recent content in ZAP Vs Test Apps on ZAP</description>
7+
<generator>Hugo</generator>
8+
<language>en-us</language>
9+
<atom:link href="/docs/testapps/index.xml" rel="self" type="application/rss+xml" />
10+
<item>
11+
<title>AltoroJ / testfire.net</title>
12+
<link>/docs/testapps/altoroj/</link>
13+
<pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
14+
<guid>/docs/testapps/altoroj/</guid>
15+
<description>&lt;h3 id=&#34;overview&#34;&gt;Overview &lt;a class=&#34;header-link&#34; href=&#34;#overview&#34;&gt;&lt;svg class=&#34;fill-current o-60 hover-accent-color-light&#34; height=&#34;22px&#34; viewBox=&#34;0 0 24 24&#34; width=&#34;22px&#34; xmlns=&#34;http://www.w3.org/2000/svg&#34;&gt;&lt;path d=&#34;M0 0h24v24H0z&#34; fill=&#34;none&#34;/&gt;&lt;path d=&#34;M3.9 12c0-1.71 1.39-3.1 3.1-3.1h4V7H7c-2.76 0-5 2.24-5 5s2.24 5 5 5h4v-1.9H7c-1.71 0-3.1-1.39-3.1-3.1zM8 13h8v-2H8v2zm9-6h-4v1.9h4c1.71 0 3.1 1.39 3.1 3.1s-1.39 3.1-3.1 3.1h-4V17h4c2.76 0 5-2.24 5-5s-2.24-5-5-5z&#34; fill=&#34;currentColor&#34;/&gt;&lt;/svg&gt;&lt;/a&gt;&lt;/h3&gt;&#xA;&lt;p&gt;AltoroJ, also known as Altoro Mutual and Testfire, is an open source sample banking J2EE web application&#xA;maintained by &lt;a href=&#34;https://www.hcl-software.com/&#34;&gt;HCL Software&lt;/a&gt;.&lt;/p&gt;</description>
16+
</item>
17+
<item>
18+
<title>Gin &amp; Juice Shop</title>
19+
<link>/docs/testapps/ginnjuiceshop/</link>
20+
<pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
21+
<guid>/docs/testapps/ginnjuiceshop/</guid>
22+
<description>&lt;h3 id=&#34;overview&#34;&gt;Overview &lt;a class=&#34;header-link&#34; href=&#34;#overview&#34;&gt;&lt;svg class=&#34;fill-current o-60 hover-accent-color-light&#34; height=&#34;22px&#34; viewBox=&#34;0 0 24 24&#34; width=&#34;22px&#34; xmlns=&#34;http://www.w3.org/2000/svg&#34;&gt;&lt;path d=&#34;M0 0h24v24H0z&#34; fill=&#34;none&#34;/&gt;&lt;path d=&#34;M3.9 12c0-1.71 1.39-3.1 3.1-3.1h4V7H7c-2.76 0-5 2.24-5 5s2.24 5 5 5h4v-1.9H7c-1.71 0-3.1-1.39-3.1-3.1zM8 13h8v-2H8v2zm9-6h-4v1.9h4c1.71 0 3.1 1.39 3.1 3.1s-1.39 3.1-3.1 3.1h-4V17h4c2.76 0 5-2.24 5-5s-2.24-5-5-5z&#34; fill=&#34;currentColor&#34;/&gt;&lt;/svg&gt;&lt;/a&gt;&lt;/h3&gt;&#xA;&lt;p&gt;Gin &amp;amp; Juice Shop is a closed source vulnerable app maintained by &lt;a href=&#34;https://portswigger.net/&#34;&gt;PortSwigger&lt;/a&gt;.&lt;/p&gt;&#xA;&lt;p&gt;Despite claiming to be a modern app is is actually relatively traditional (it is not a Single Page App), which makes it easier to scan.&lt;/p&gt;</description>
23+
</item>
24+
<item>
25+
<title>OWASP Juice Shop</title>
26+
<link>/docs/testapps/juiceshop/</link>
27+
<pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
28+
<guid>/docs/testapps/juiceshop/</guid>
29+
<description>&lt;h3 id=&#34;overview&#34;&gt;Overview &lt;a class=&#34;header-link&#34; href=&#34;#overview&#34;&gt;&lt;svg class=&#34;fill-current o-60 hover-accent-color-light&#34; height=&#34;22px&#34; viewBox=&#34;0 0 24 24&#34; width=&#34;22px&#34; xmlns=&#34;http://www.w3.org/2000/svg&#34;&gt;&lt;path d=&#34;M0 0h24v24H0z&#34; fill=&#34;none&#34;/&gt;&lt;path d=&#34;M3.9 12c0-1.71 1.39-3.1 3.1-3.1h4V7H7c-2.76 0-5 2.24-5 5s2.24 5 5 5h4v-1.9H7c-1.71 0-3.1-1.39-3.1-3.1zM8 13h8v-2H8v2zm9-6h-4v1.9h4c1.71 0 3.1 1.39 3.1 3.1s-1.39 3.1-3.1 3.1h-4V17h4c2.76 0 5-2.24 5-5s-2.24-5-5-5z&#34; fill=&#34;currentColor&#34;/&gt;&lt;/svg&gt;&lt;/a&gt;&lt;/h3&gt;&#xA;&lt;p&gt;OWASP Juice Shop is &amp;ldquo;probably the most modern and sophisticated insecure web application&amp;rdquo;.&lt;/p&gt;&#xA;&lt;p&gt;It is open source, well maintained by independent volunteers, and &lt;a href=&#34;https://help.owasp-juice.shop/&#34;&gt;well documented&lt;/a&gt;.&lt;/p&gt;</description>
30+
</item>
31+
</channel>
32+
</rss>

0 commit comments

Comments
 (0)