<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:dc="http://purl.org/dc/elements/1.1/">
  <channel>
    <title>DEV Community: jaafar_soufiane22</title>
    <description>The latest articles on DEV Community by jaafar_soufiane22 (@jaafar12781).</description>
    <link>https://dev.to/jaafar12781</link>
    <image>
      <url>https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F4027145%2Fb77ecc2c-c151-432f-a6ba-481624a12b7a.jpg</url>
      <title>DEV Community: jaafar_soufiane22</title>
      <link>https://dev.to/jaafar12781</link>
    </image>
    <atom:link rel="self" type="application/rss+xml" href="https://dev.to/feed/jaafar12781"/>
    <language>en</language>
    <item>
      <title>How I Built an Automated Web Vulnerability Scanner with Python and OWASP ZAP</title>
      <dc:creator>jaafar_soufiane22</dc:creator>
      <pubDate>Mon, 13 Jul 2026 11:07:39 +0000</pubDate>
      <link>https://dev.to/jaafar12781/how-i-built-an-automated-web-vulnerability-scanner-with-python-and-owasp-zap-l35</link>
      <guid>https://dev.to/jaafar12781/how-i-built-an-automated-web-vulnerability-scanner-with-python-and-owasp-zap-l35</guid>
      <description>&lt;p&gt;I recently completed my MSIT Capstone project at the University of the People an automated web vulnerability scanner built with Python and OWASP ZAP. Here's what I built, how it works, and what I found.&lt;br&gt;
The Problem&lt;br&gt;
Most web security tools like OWASP ZAP are powerful but complex. A developer without a cybersecurity background struggles to configure them correctly. My goal was to wrap ZAP's API into a simple Python CLI tool that anyone can run with a single command.&lt;br&gt;
How It Works&lt;br&gt;
The scanner has four modules:&lt;/p&gt;

&lt;p&gt;URL Seeder manually seeds known endpoints into ZAP's site tree before scanning. This is critical for Angular SPAs like OWASP Juice Shop where the traditional spider misses hash-based routes.&lt;br&gt;
Spider crawls all discoverable URLs from the seeded endpoints.&lt;br&gt;
Active Scanner injects attack payloads (SQL injection strings, XSS vectors) against every discovered endpoint.&lt;br&gt;
Report Generator produces a timestamped JSON report with a risk summary.&lt;/p&gt;

&lt;p&gt;Running a scan is one command:&lt;br&gt;
bashpython scanner.py --spider --scan --alerts --report&lt;br&gt;
What I Found&lt;br&gt;
Testing against OWASP Juice Shop, the scanner identified 122 security alerts including:&lt;/p&gt;

&lt;p&gt;🔴 1 High SQL Injection at /rest/products/search?q=apple'&lt;br&gt;
🟡 70 Medium CORS misconfigurations, missing CSP headers&lt;br&gt;
🔵 23 Low Application error disclosures, timestamp leakage&lt;br&gt;
⚪ 28 Informational Modern web app indicators&lt;/p&gt;

&lt;p&gt;The Interesting Problem&lt;br&gt;
Initially the scanner only found 1 alert. The issue? Juice Shop is an Angular SPA with hash-based routing. The ZAP spider couldn't discover routes like /#/login because they're rendered client-side.&lt;br&gt;
The fix was implementing a URL seeder that manually requests all known endpoints through the ZAP proxy before spidering. After that fix — 122 alerts.&lt;br&gt;
The Code&lt;br&gt;
The full source code is available on GitHub:&lt;br&gt;
👉 &lt;a href="https://github.com/JAAFAR12781/zap-vulnerability-scanner" rel="noopener noreferrer"&gt;https://github.com/JAAFAR12781/zap-vulnerability-scanner&lt;/a&gt;&lt;br&gt;
What's Next&lt;br&gt;
I'm planning to add AJAX spider support for deeper SPA coverage and HTML report generation for non-technical stakeholders.&lt;br&gt;
If you're building web apps and haven't run a vulnerability scan yet this tool makes it easy to get started.&lt;/p&gt;

</description>
      <category>python</category>
      <category>security</category>
      <category>owasp</category>
      <category>webdev</category>
    </item>
  </channel>
</rss>
