owasp-zap
OWASP ZAP (Zed Attack Proxy)
OWASP ZAP is the world's most widely used free web app scanner. It is perfect for developers and functional testers who are new to penetration testing, as well as automated CI/CD pipelines.
When to Use
- CI/CD Automation: "DAST in the pipeline". Run a baseline scan on every PR.
- Budget constraints: It's free and open-source (vs Burp Pro's license).
- Headless Scanning: Controlling the scanner via API or CLI (Docker).
Quick Start (Docker)
# Run a quick scan against a URL
docker run -t owasp/zap2docker-stable zap-baseline.py -t https://www.example.com
Core Concepts
More from g1joshi/agent-skills
template
Expert [skill-name] assistance covering [feature 1], [feature 2], and [feature 3]. Use when [working with X], [debugging Y], or [implementing Z].
34mariadb
MariaDB MySQL-compatible database with Galera clustering. Use for MySQL-compatible database needs.
6claude
Anthropic Claude AI models for analysis and coding. Use for AI assistants.
5javascript
JavaScript ES6+ programming including async/await, DOM manipulation, modules, and Node.js. Use for .js files and web development.
4typescript
TypeScript static typing with interfaces, generics, decorators, and type inference. Use for .ts files.
4python
Python programming with type hints, async/await, decorators, and package management. Use for .py files and data science.
4