1 of 1

OWASP ZAP

PlexTrac supports importing XML files from OWASP ZAP (Zed Attack Proxy), a web application penetration testing tool. It can automatically detect security vulnerabilities while developing and testing web applications.

Finding Field Mappings

Below are the mappings of fields and any reference notes to provide context. If a field is not listed, PlexTrac does not currently import it.

OWASP Field

Direction

PlexTrac Field

Plugin ID Name

--->

Finding Title

Description

--->

Description

Other Info

--->

Custom Field "Other Info"

Solution

--->

Recomendation

Refrences

--->

Refrences

CWE ID

--->

CWE ID

Risk Description

--->

Severity

Asset Field Mappings

Below are the mappings of fields and any reference notes to provide context. If a field is not listed, PlexTrac does not currently import it.

OWASP Field

Direction

PlexTrac Field

Path

--->

Asset Name

Method

--->

Asset Evidence

Parameter

--->

Asset Evidence

Payload

--->

Asset Evidence

URI

--->

Hostname

Port

--->

Port

Protocol

--->

Protocol

OWASP ZAP

Finding Field Mappings

Below are the mappings of fields and any reference notes to provide context. If a field is not listed, PlexTrac does not currently import it.

OWASP Field

Direction

PlexTrac Field

Plugin ID Name

--->

Finding Title

Description

--->

Description

Other Info

--->

Custom Field "Other Info"

Solution

--->

Recomendation

Refrences

--->

Refrences

CWE ID

--->

CWE ID

Risk Description

--->

Severity

Asset Field Mappings

Below are the mappings of fields and any reference notes to provide context. If a field is not listed, PlexTrac does not currently import it.

OWASP Field

Direction

PlexTrac Field

Path

--->

Asset Name

Method

--->

Asset Evidence

Parameter

--->

Asset Evidence

Payload

--->

Asset Evidence

URI

--->

Hostname

Port

--->

Port

Protocol

--->

Protocol