Simon Bennetts ⚡

@[email protected]
896 Followers
170 Following
332 Posts
ZAP Project Lead
Twitterhttps://twitter.com/psiinon
Homepagehttps://www.zaproxy.org/docs/team/psiinon/
Githubhttps://github.com/psiinon/
Twitter Verificationhttps://twittodon.com/share.php?t=psiinon&[email protected]
Simon Bennetts ⚡1d ago
ZAP1d ago
New ZAP Blog Post: Introducing DeepViolet: The Engine Behind ZAP’s New TLS Analysis
https://www.zaproxy.org/blog/2026-03-19-introducing-deepviolet/
Thanks to Milton Smith
#zaproxy #deepviolet #appsec
Introducing DeepViolet

Introducing DeepViolet: The Engine Behind ZAP’s New TLS Analysis

ZAP
Simon Bennetts ⚡Feb 25
ZAPFeb 25
Do you need even more control over the browsers that you can launch from ZAP?
You’ve got it!
https://www.zaproxy.org/blog/2026-02-24-custom-browsers-and-preferences/
#zaproxy #appsec
Custom Browsers and Preferences

You can now add custom browsers to ZAP and manage any browser preferences.

ZAP
Simon Bennetts ⚡Feb 17
ZAPFeb 17
Combine the Encode/Decode/Hash add-on with CyberChef operations in ZAP Encode/Decode Scripts for flexible encoding, decoding, and hashing in your testing workflow.
https://www.zaproxy.org/blog/2026-02-17-encoder-cyberchef-via-scripts/
#zaproxy #appsec #cyberchef
Using ZAP's Encode/Decode/Hash Add-on with CyberChef via Encode/Decode Scripts

Combine the Encode/Decode/Hash add-on with CyberChef operations in ZAP Encode/Decode Scripts for flexible encoding, decoding, and hashing in your testing workflow.

ZAP
Simon Bennetts ⚡Feb 6
ZAPFeb 6
New Blog Post: Detecting Circular Type References in GraphQL Schemas
https://www.zaproxy.org/blog/2026-02-06-detecting-graphql-cycles/
#zaproxy #appsec #graphql
Detecting Circular Type References in GraphQL Schemas

ZAP can now detect cycles in GraphQL schemas that could lead to denial of service attacks.

ZAP
Simon Bennetts ⚡Feb 2
ZAPFeb 2
New blog post: https://www.zaproxy.org/blog/2026-02-02-zap-updates-2025-highlights-2026-plans/
Highlights of 2025 and our initial plans for 2026, including more 3rd Party tool integrations, enhanced exploring and, yes, AI integration!
#zaproxy #appsec #ai
ZAP Updates - 2025 Highlights and Plans for 2026

Highlights of 2025 and our initial plans for 2026, including more 3rd Party tool integrations, enhanced exploring and, yes, AI integration!

ZAP
Simon Bennetts ⚡Feb 2
We have made a good start on #AI integration in @zaproxy
We know some of you will be very anti-AI, so this will be optional and opt-in.
We have lots of plans, but feedback also appreciated - what integrations would you really like to see .. or not see?
Simon Bennetts ⚡Jan 19
ZAPJan 19
https://www.zaproxy.org/blog/2026-01-19-owasp-ptk-add-on/
#zaproxy #owasp #appsec
OWASP PTK Integration with ZAP

OWASP PTK is now pre-installed in the browsers launched by ZAP (Chrome, Edge and Firefox). This post shows how to run PTK’s DAST, IAST, SAST, and SCA inside the same authenticated session you’re testing, plus practical JWT and cookie workflows—while ZAP remains your traffic and context hub.

ZAP
Simon Bennetts ⚡Jan 8
ZAPJan 8
New “Getting Further with ZAP Scripting” pages: https://www.zaproxy.org/docs/getting-further/scripting/
Looking for something more? Let @psiinon know!
ZAP – Getting Further with ZAP Scripting

The world’s most widely used web app scanner. Free and open source. ZAP is a community project actively maintained by a dedicated international team, and a GitHub Top 1000 project.

Simon Bennetts ⚡Dec 15
ZAPDec 15
ZAP 2.17.0 is now available!
It includes performance improvements, a significant reduction in “duplicate” alerts reported, and new Insights which give you key information about scans.
https://www.zaproxy.org/blog/2025-12-15-zap-2-17-0/
#zaproxy #appsec
ZAP 2.17.0

ZAP 2.17.0 has just been released. The release includes core performance improvements and will significantly reduce the number of “duplicate” alerts reported.

ZAP
Simon Bennetts ⚡Dec 5
ZAPDec 5
New blog post: #React2Shell Detection with ZAP
https://www.zaproxy.org/blog/2025-12-05-react2shell-detection-with-zap/
#zaproxy #appsec
React2Shell Detection with ZAP

React2Shell is the latest big “named” vulnerability - heres how you can detect it with ZAP.

ZAP