OWASP DeepViolet has been included and available in OWASP ZAP for awhile now as an additional add-on component. Briefly the background is that DeepViolet is a TLS/SSL scanning API and set of tools. OWASP ZAP is a Flagship application security scanner and includes some DeepViolet features for it’s TLS/SSL scanning. I decided to post this blog update since it was not clear to me how to use this scanning with ZAP. The following is a short post about how to install and use HttpsInfo(a.k.a DeepViolet) within your ZAP scanning projects.
I am running of the upcoming OWASP Board elections. There are 4-seats open this election cycle. For the benefit of those that don’t know, OWASP is one of the largest organizations of web application security professionals in the world.