The OAST Support add-on allows you to detect and exploit out-of-band vulnerabilities in web applications.
For a list of the supported services, see the OAST Services page.
If the Script Console and the GraalVM JavaScript add-ons are installed, a new script template called “OAST Register Request Handler.js” is added to ZAP. Using this template, you can create a script that performs an action whenever an out-of-band request is discovered. This action could be anything like sending yourself an email or executing another script in ZAP.
| OAST Tab |