ZAP

  • Home
  • Blog
  • Videos
  • Documentation
  • Community
  • Sponsor
Download
  • Add-ons
    • Access Control Testing
      • Access Control Context Options
      • Access Control Status Tab
    • Active Scan Rules
    • Active Scan Rules - Alpha
    • Active Scan Rules - Beta
    • Advanced SQLInjection Add-on
    • AJAX Spider
      • Ajax Spider Automation Framework Support
      • Options AJAX Spider screen
      • AJAX Spider dialog
      • AJAX Spider tab
    • Alert Filters
      • Alert Filter Dialog
      • Alert Filter Automation Framework Support
      • Context Alert Filters
      • Options Global Alert Filters
    • All In One Notes
      • All In One Notes - About
    • AMF Support
    • Authentication Helper
      • Authentication Request Identification
      • Browser Based Authentication
      • Header Based Session Management
    • Authentication Statistics
    • Automation Framework
      • Automation Framework - About
      • Automation Framework - authentication
      • Automation Framework - Environment
      • Automation Framework - GUI
      • Automation Framework - addOns Job
      • Automation Framework - activeScan Job
      • Automation Framework - delay Job
      • Automation Framework - passiveScan-config Job
      • Automation Framework - passiveScan-wait Job
      • Automation Framework - requestor Job
      • Automation Framework - spider Job
      • Automation Framework - Options
      • Automation Framework - Alert Job Test
      • Automation Framework - Monitor Job Test
      • Automation Framework - Statistics Job Test
      • Automation Framework - URL Presence Job Tests
      • Automation Framework - Job Tests
    • Bean Shell Console
    • BIRT Reports
    • Browser View
    • Bug Tracker
    • Call Graph
    • Call Home
    • Code Dx
    • Collection: Pentester Pack
    • Collection: Scan Rules Pack
    • Common Library
    • Community Scripts
    • Custom Payloads
    • Custom Report
    • Database Add-on
    • Diff
    • Directory List v1.0
    • Directory List v2.3
    • Directory List v2.3 LC
    • DOM XSS Active Scan Rule
      • DOM XSS Active Scan Rule - About
    • Encode / Decode / Hash dialog
      • Options Encode/Decode screen
    • Eval Villain
    • Export Report
    • Forced Browse
      • Options Forced Browse screen
      • Forced Browse tab
    • Form Handler
    • FuzzDB Files
    • FuzzDB Offensive
    • FuzzDB Web Backdoors
    • Fuzzing
      • Fuzzer dialog
      • HTTP Message Processors
      • Fuzz Location Processors dialog
      • Options Fuzz screen
      • Payloads dialog
      • Payload Processors dialog
      • Fuzzer tab
    • Getting Started Guide
    • GraalVM JavaScript
    • GraphQL Support
      • GraphQL Automation Framework Support
      • GraphQL Options
      • GraphQL Support Script
    • Groovy Support
      • Groovy Support - About
    • Highlighter
    • HTTPS Info
    • The HUD
      • Options HUD screen
    • Import/Export
      • Automation Framework Support
    • Import URLs
    • Invoke Applications
      • Options Applications screen
    • JSON View
    • Kotlin Support
    • Linux WebDrivers
    • Log File Importer
    • MacOS WebDrivers
    • Neonmarker
    • Network Add-on
      • Network API
      • Command Line
      • Options
        • Client Certificates
        • Connection
        • Local Servers/Proxies
        • Server Certificates
    • Out-of-band Application Security Testing Support
      • OAST Options
      • OAST Services
        • BOAST
          • BOAST Options
        • Callbacks
          • Callback Options
        • Interactsh
          • Interactsh Options
      • OAST Tab
    • Online Menu
    • OpenAPI Support
      • OpenAPI Automation Framework Support
    • Parameter Digger
      • Parameter Digger - About
      • Param Digger dialog
      • Param Digger tab
    • Passive Scan Rules
    • Passive Scan Rules - Alpha
    • Passive Scan Rules - Beta
    • Plug-n-Hack
      • Plug-n-Hack Clients tab
    • Port Scan
      • Options Port Scan screen
      • Port Scan tab
    • Python Scripting
      • Options Jython screen
    • Quick Start
      • Command Line
      • Options Quick Start Launch screen
    • Regular Expression Tester
    • Replacer
    • Report Alert Generator
    • Report Generation
      • Report Generation - About
      • Report Generation API
      • Report Generation Automation Framework Support
      • Creating Reports
      • High Level Report Sample
      • Modern HTML Report with themes and options
      • Risk and Confidence HTML
      • SARIF JSON Report
      • Traditional HTML with Requests and Responses
      • Traditional HTML
      • Traditional JSON Report with Requests and Responses
      • Traditional JSON Report
      • Traditional Markdown Report
      • Traditional PDF
      • Traditional XML Report with Requests and Responses
      • Traditional XML Report
      • Report Templates
    • Requester Add-on
      • Manual Request Editor dialog
      • Requester Options
      • Requester Tab
    • Retest
      • Retest - About
    • Retire.js
    • Reveal
    • Revisit
    • Ruby Scripting
    • SAML Support
    • Save Raw Message
    • Save XML Message
    • Script Console
      • Scripts Automation Framework Support
      • Script Console Tab
      • Scripts tree tab
    • Selenium
      • Selenium API
      • Options Selenium screen
    • Sequence Scanner
    • Server-Sent Events
      • Server-Sent Events tab
    • SOAP Support
      • SOAP Automation Framework Support
    • Spider
      • Spider Automation Framework Support
      • Spider dialog
      • Options Spider screen
      • Spider tab
    • SVN Digger Files
    • Technology Detection
      • Wappalyzer API
    • Tips and Tricks
    • TLS Debug
    • Token Generation and Analysis
      • Options Token Generator Screen
    • TreeTools
    • ViewState
    • WebSockets
      • Web Sockets - About
      • WebSocket API
      • WebSocket specific options
      • WebSocket Passive Scan Rules
      • WebSocket Scripts
      • WebSocket specific session properties
      • WebSocket tab
    • Windows WebDrivers
    • Zest
  • Releases
  • Getting Started
    • Scanner Rules
    • Features
      • Add-ons
      • Alerts
      • Anti CSRF Handling
      • API
      • Active Scan
      • Authentication
      • Authentication Methods
      • Authentication Verification Strategies
      • Breakpoints
      • Callbacks
      • Contexts
      • Custom Page
      • Data Driven Content
      • Globally Excluded URLs
      • HTTP Sessions
      • Manipulator-in-the-middle Proxy
      • Marketplace
      • Modes
      • Notes
      • Passive Scan
      • Scan Policy
      • Scope
      • Scripts
      • Session Management
      • Sites Tree
      • Spider
      • Statistics
      • Structural Modifiers
      • Structural Parameters
      • Tags
      • Users
    • A Basic Penetration Test
    • Configuring Proxies
  • Desktop UI Overview
    • Dialogs
      • Add Alert dialog
      • Add/Edit Breakpoint dialog
      • Add Note dialog
      • Active Scan dialog
      • Encode / Decode / Hash dialog
      • Find dialog
      • History Filter dialog
      • Manual Request Editor dialog
      • Manage Add-ons
      • Manage History Tags dialog
      • Options dialog
        • Options Alerts screen
        • Options Anti CRSF screen
        • Options API screen
        • Options Active Scan screen
        • Options Active Scan Input Vectors screen
        • Options Breakpoints screen
        • Options Callback Address screen
        • Options Client Certificate screen
        • Options Check for Updates screen
        • Options Connection screen
        • Options Database screen
        • Dynamic SSL Certificates
        • Options Extensions screen
        • Options Global Exclude URL screen
        • Options HTTP Sessions screen
        • Options JVM screen
        • Options Keyboard screen
        • Options language screen
        • Options Local Proxies screen
        • Options Passive Scan Tags screen
        • Options Passive Scanner Screen
        • Options Passive Scan Rules Screen
        • Options Rule Configuration screen
        • Options Scripts screen
        • Options Search screen
        • Options Spider screen
        • Options Statistics screen
        • Options Display screen
      • Persist Session dialog
      • Scan Policy Dialog
      • Scan Policy Manager dialog
      • Scan Progress Dialog
      • Session Properties dialog
        • Session Context Authentication screen
        • Session Context Structure screen
        • Session Context screens
      • Spider dialog
    • Footer
    • The Tabs
      • Alerts tab
      • Active Scan tab
      • Break tab
      • Breakpoints tab
      • Callbacks tab
      • History tab
      • HTTP Sessions tab
      • Output tab
      • Params tab
      • Request tab
      • Response tab
      • Search tab
      • Sites tab
      • Spider tab
    • Top Level Menu
      • The Analyse menu
      • The Edit menu
      • The File menu
      • The Help menu
      • The Import menu
      • The Online menu
      • The Report menu
      • The Tools menu
      • The View menu
    • Top Level Toolbar
    • Views
  1. Documentation
  2. The OWASP ZAP Desktop User Guide
  3. Add-ons
  4. Out-of-band Application Security Testing Support
  5. OAST Services

OAST Services

The OAST add-on currently supports the following services:

  • BOAST
  • Callbacks
  • Interactsh

Default Services

  • BOAST - https://odiss.eu:1337/events
  • Interactsh - https://interactsh.com
  • Home
  • Blog
  • Videos
  • Community
  • Sponsor
  • Statistics
ZAP is an OWASP Flagship project
© Copyright 2023 the ZAP Dev Team
OWASP is a registered trademark of the OWASP Foundation, Inc.