OAST Tab

This tab shows a summary of the out-of-band messages discovered by ZAP.

Messages

For each message, you can see:

An Id
The Timestamp of the received request.
The Method associated with the request (GET, POST, etc.)
The URL
The Handler - The component which caught or responded to the callback request.
The Source - The address of the original request sender.
The Referer - The value of the HTTP Referer header (if one was included in the request).

Buttons

Clear Messages Clears all messages in the table.
Poll Now Polls all registered services and resets the time to next polling. This means that if the polling frequency is set to 120 seconds, and you click on the button with 30 seconds remaining, the next automatic polling will occur after 120 seconds.

Indicators

The OAST Tab contains status indicators for external OAST services. A grey colour indicates that the service has not been registered yet. A green colour indicates that the service is registered and is being polled. If the service is registered as an active scan service, a small flame icon is added to the bottom right corner of the indicator. The timestamp next to the service name is updated whenever the service is polled.

See also

OAST Support