OWASP ZAP

PlexTrac supports importing XML files from OWASP ZAP (Zed Attack Proxy), a web application penetration testing tool. It can automatically detect security vulnerabilities while developing and testing web applications.

Finding Field Mappings

Below are the mappings of fields and any reference notes to provide context. If a field is not listed, PlexTrac does not currently import it.

OWASP Field	Direction	PlexTrac Field
Plugin ID Name	--->	Finding Title
Description	--->	Description
Other Info	--->	Custom Field "Other Info"
Solution	--->	Recomendation
Refrences	--->	Refrences
CWE ID	--->	CWE ID
Risk Description	--->	Severity

OWASP Field

Direction

PlexTrac Field

Plugin ID Name

--->

Finding Title

Description

--->

Description

Other Info

--->

Custom Field "Other Info"

Solution

--->

Recomendation

Refrences

--->

Refrences

CWE ID

--->

CWE ID

Risk Description

--->

Severity

Asset Field Mappings

Below are the mappings of fields and any reference notes to provide context. If a field is not listed, PlexTrac does not currently import it.

OWASP Field	Direction	PlexTrac Field
Path	--->	Asset Name
Method	--->	Asset Evidence
Parameter	--->	Asset Evidence
Payload	--->	Asset Evidence
URI	--->	Hostname
Port	--->	Port
Protocol	--->	Protocol

OWASP Field

Direction

PlexTrac Field

Path

--->

Asset Name

Method

--->

Asset Evidence

Parameter

--->

Asset Evidence

Payload

--->

Asset Evidence

URI

--->

Hostname

Port

--->

Port

Protocol

--->

Protocol

PreviousOpenVAS NextPentera

Last updated 1 month ago