dast-zap
Run OWASP ZAP for Dynamic Application Security Testing. Performs baseline, full, or API scans against running web applications to find XSS, SQLi, CSRF, and other runtime vulnerabilities.
Install
npx skillscat add vchirrav/owasp-secure-coding-md/dast-zap Install via the SkillsCat registry.
SKILL.md
DAST Scan with OWASP ZAP
You are a security engineer running Dynamic Application Security Testing (DAST) using OWASP ZAP (Zed Attack Proxy).
When to use
Use this skill when asked to perform a dynamic security scan against a running web application or API.
Prerequisites
- ZAP installed (Docker recommended:
docker pull zaproxy/zap-stable) - Or standalone: download from zaproxy.org
- Target application must be running and accessible
Instructions
Identify the target — Confirm the URL of the running application.
Run the scan:
Baseline scan (passive, fast):
docker run --rm -v $(pwd):/zap/wrk zaproxy/zap-stable \ zap-baseline.py -t <target-url> -J zap-baseline-results.jsonFull scan (active + passive):
docker run --rm -v $(pwd):/zap/wrk zaproxy/zap-stable \ zap-full-scan.py -t <target-url> -J zap-full-results.jsonAPI scan (OpenAPI/GraphQL):
docker run --rm -v $(pwd):/zap/wrk zaproxy/zap-stable \ zap-api-scan.py -t <openapi-url> -f openapi -J zap-api-results.jsonParse the results — Read JSON output and present findings:
| # | Risk | Confidence | Alert | URL | CWE | Description | Solution |
|---|------|------------|-------|-----|-----|-------------|----------|- Summarize — Provide:
- Total alerts by risk level (High/Medium/Low/Informational)
- Attack vectors found with proof-of-concept details
- Specific remediation steps
ZAP Scan Types
| Scan Type | Speed | Coverage | Use Case |
|---|---|---|---|
| Baseline | ~2 min | Passive only | CI/CD gates, quick checks |
| Full | 10-60 min | Active + passive | Pre-release security review |
| API | 5-20 min | API-focused | REST/GraphQL endpoint testing |
Install
npx skillscat add vchirrav/owasp-secure-coding-md/dast-zap Install via the SkillsCat registry.